• [3c88f3938b] - (SEMVER-MINOR) assert: implement partial error comparison (Ruben Bridgewater) #57370
• [db19a3f9fc] - (SEMVER-MINOR) assert: improve partialDeepStrictEqual (Ruben Bridgewater) #57370
• [1ee5f840b4] - (SEMVER-MINOR) cli: allow --cpu-prof* in NODE_OPTIONS (Carlos Espa) #57018
• [872ee0f2ac] - crypto: update root certificates to NSS 3.108 (Node.js GitHub Bot) #57381
• [03a0f3a56b] - (SEMVER-MINOR) crypto: support --use-system-ca on Windows (Joyee Cheung) #56833
• [94647bbdb2] - (SEMVER-MINOR) crypto: added support for reading certificates from macOS system store (Tim Jacomb) #56599
• [8f7b86a6e7] - deps: update timezone to 2025a (Node.js GitHub Bot) #56876
• [f9f611fb58] - (SEMVER-MINOR) deps,tools: add zstd 1.5.6 (Jan Martin) #52100
• [07a6d5f8cf] - (SEMVER-MINOR) dns: add TLSA record query and parsing (Rithvik Vibhu) #52983
• [d8a83ef2f3] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241
• [6b93ba723b] - (SEMVER-MINOR) module: use synchronous hooks for preparsing in import(cjs) (Joyee Cheung) #55698
• [b2e44a8079] - (SEMVER-MINOR) module: implement module.registerHooks() (Joyee Cheung) #55698
• [dc91ae7471] - (SEMVER-MINOR) process: add execve (Paolo Insogna) #56496
• [bc672fcfdd] - (SEMVER-MINOR) sqlite: allow returning ArrayBufferViews from user-defined functions (René) #56790
• [5edee197ab] - (SEMVER-MINOR) tls: implement tls.getCACertificates() (Joyee Cheung) #57107
• [f9fe0e09ee] - (SEMVER-MINOR) util: expose diff function used by the assertion errors (Giovanni Bucci) #57462
• [673a424180] - (SEMVER-MINOR) v8: add v8.getCppHeapStatistics() method (Aditi) #57146
• [4991e5d826] - (SEMVER-MINOR) zlib: add zstd support (Jan Martin) #52100

• [ea70a379c3] - assert: improve partialDeepStrictEqual performance (Ruben Bridgewater) #57509
• [2b419d7e79] - (SEMVER-MINOR) assert: implement partial error comparison (Ruben Bridgewater) #57370
• [d817c17fd7] - (SEMVER-MINOR) assert: improve partialDeepStrictEqual (Ruben Bridgewater) #57370
• [7af0440073] - assert: improve myers diff performance (Giovanni Bucci) #57279
• [01cf5fb871] - (SEMVER-MINOR) assert,util: improve performance (Ruben Bridgewater) #57370
• [a58842cee4] - (SEMVER-MINOR) benchmark: adjust assert runtimes (Ruben Bridgewater) #57370
• [b20b3697aa] - (SEMVER-MINOR) benchmark: skip running some assert benchmarks by default (Ruben Bridgewater) #57370
• [ec5570fd1e] - (SEMVER-MINOR) benchmark: add assert partialDeepStrictEqual benchmark (Ruben Bridgewater) #57370
• [b991bf4ca6] - benchmark: add a warmup on bench-openSync (Elves Vieira) #57051
• [4a455bc806] - build: fix update-wpt workflow (Jonas) #57468
• [6ec397e61c] - build: fix compatibility with V8's depot_tools (Richard Lau) #57330
• [475aaca336] - build: print 'Formatting Markdown...' for long task markdown formatting (1ilsang) #57108
• [73fced7a97] - build: fix GN build failure (Cheng) #57013
• [af05f91425] - build: fix GN build of uv (Cheng) #56955
• [fd3053e947] - build: gyp exclude libm linking on macOS (deepak1556) #56901
• [5ec6b9a50f] - build: remove explicit linker call to libm on macOS (deepak1556) #56901
• [a893da9be7] - build: link with Security.framework in GN build (Cheng) #56895
• [02cd8e0a50] - build: do not put commands in sources variables (Cheng) #56885
• [73dc8c2140] - build: add double quotes around <(python) (Luigi Pinca) #56826
• [65a3b5f73c] - build: add build option suppress_all_error_on_warn (Michael Dawson) #56647
• [424aacc942] - build,win: disable node pch with ccache (Stefan Stojanovic) #57224
• [901685c723] - build,win: enable ccache (Stefan Stojanovic) #56847
• [79987676c1] - cli: clarify --cpu-prof-name allowed values (Eugenio Ceschia) #57433
• [503d4237aa] - (SEMVER-MINOR) cli: allow --cpu-prof* in NODE_OPTIONS (Carlos Espa) #57018
• [ada572b733] - crypto: ensure expected JWK alg in SubtleCrypto.importKey RSA imports (Filip Skokan) #57450
• [7e5aabde55] - crypto: update root certificates to NSS 3.108 (Node.js GitHub Bot) #57381
• [7ea6ac1e09] - crypto: add support for intermediate certs in --use-system-ca (Tim Jacomb) #57164
• [44b19ec534] - crypto: support --use-system-ca on non-Windows and non-macOS (Joyee Cheung) #57009
• [e21d126438] - crypto: fix missing OPENSSL_NO_ENGINE guard (Shelley Vohr) #57012
• [2fdf82b357] - crypto: cleanup root certificates and skip PEM deserialization (Joyee Cheung) #56999
• [03a0f3a56b] - (SEMVER-MINOR) crypto: support --use-system-ca on Windows (Joyee Cheung) #56833
• [bbdb10bc2c] - crypto: fix X509* leak in --use-system-ca (Joyee Cheung) #56832
• [5470cab6d3] - crypto: add api to get openssl security level (Michael Dawson) #56601
• [94647bbdb2] - (SEMVER-MINOR) crypto: added support for reading certificates from macOS system store (Tim Jacomb) #56599
• [caf81ca549] - debugger: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) #57498
• [1d703fe220] - deps: update c-ares to v1.34.5 (Node.js GitHub Bot) #57792
• [98457dfea3] - deps: update undici to 6.21.2 (Matteo Collina) #57442
• [4a852ba11b] - deps: V8: cherry-pick c172ffc5bf54 (Choongwoo Han) #57437
• [54a12e0bcc] - deps: update googletest to 0bdccf4 (Node.js GitHub Bot) #57380
• [2e350963e5] - deps: update acorn to 8.14.1 (Node.js GitHub Bot) #57382
• [95e5d01c25] - deps: update amaro to 0.4.1 (marco-ippolito) #57121
• [ef216deb05] - deps: update amaro to 0.3.2 (marco-ippolito) #56916
• [4ef4d6ecf6] - deps: update amaro to 0.3.1 (Node.js GitHub Bot) #56785
• [a8bf5ef4a7] - deps: update simdjson to 3.12.2 (Node.js GitHub Bot) #57084
• [0bd612bb32] - deps: update archs files for openssl-3.0.16 (Node.js GitHub Bot) #57335
• [7d65f79306] - deps: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) #57335
• [5c88c52491] - deps: update corepack to 0.32.0 (Node.js GitHub Bot) #57265
• [fa04bf4999] - deps: update gyp file for ngtcp2 1.11.0 (Richard Lau) #57225
• [ca6b07258d] - deps: update cjs-module-lexer to 2.1.0 (Node.js GitHub Bot) #57180
• [0a72b16fe1] - deps: update ngtcp2 to 1.11.0 (Node.js GitHub Bot) #57179
• [600fb41f54] - deps: update sqlite to 3.49.1 (Node.js GitHub Bot) #57178
• [7eb3b44010] - deps: update zlib to 1.3.0.1-motley-788cb3c (Node.js GitHub Bot) #56655
• [257d22e181] - deps: update sqlite to 3.49.0 (Node.js GitHub Bot) #56654
• [53a7bfce01] - deps: V8: cherry-pick 9ab40592f697 (Levi Zim) #56781
• [636f65cb1a] - deps: update cjs-module-lexer to 2.0.0 (Michael Dawson) #56855
• [8f7b86a6e7] - deps: update timezone to 2025a (Node.js GitHub Bot) #56876
• [db31276bfa] - deps: update simdjson to 3.12.0 (Node.js GitHub Bot) #56874
• [d1d58d6198] - deps: update googletest to e235eb3 (Node.js GitHub Bot) #56873
• [05b3dff275] - deps: update simdjson to 3.11.6 (Node.js GitHub Bot) #56250
• [f9f611fb58] - (SEMVER-MINOR) deps,tools: add zstd 1.5.6 (Jan Martin) #52100
• [ef212a41a7] - dns: restore dns query cache ttl (Ethan Arrowood) #57640
• [7a10b01e97] - dns: remove redundant code using common variable (Deokjin Kim) #57386
• [bc2603f086] - (SEMVER-MINOR) dns: add TLSA record query and parsing (Rithvik Vibhu) #52983
• [38a2e5d60b] - doc: add gurgunday as triager (Gürgün Dayıoğlu) #57594
• [b7ac0bd129] - doc: clarify behaviour of node-api adjust function (Michael Dawson) #57463
• [fa834896c8] - doc: remove Corepack documentation (Antoine du Hamel) #57635
• [8988173286] - doc: remove mention of --require not supporting ES modules (Huáng Jùnliàng) #57620
• [3a7d179dbd] - doc: mention reports should align with Node.js CoC (Rafael Gonzaga) #57607
• [983c5087f6] - doc: add section stating that very stale PRs should be closed (Dario Piotrowicz) #57541
• [f4e1f702d4] - doc: add bjohansebas as triager (Sebastian Beltran) #57564
• [9b7fd6b076] - doc: update support channels (Claudio W.) #57538
• [ef624aff55] - doc: remove cryptoStream API reference (Jonas) #57579
• [4a2afc255a] - doc: module resolution pseudocode corrections (Marcel Laverdet) #57080
• [ee5059426d] - doc: add history entry for DEP0190 in child_process.md (Antoine du Hamel) #57544
• [4deebb4fca] - doc: remove deprecated pattern in child_process.md (Antoine du Hamel) #57568
• [6cd7b37d9c] - doc: mark multiple experimental APIS as stable (James M Snell) #57510
• [c2f1fa0928] - doc: remove mertcanaltin from Triagers (Mert Can Altin) #57531
• [9b6047e520] - doc: recommend watching the collaborators repo in the onboarding doc (Darshan Sen) #57527
• [bf1e297079] - doc: remove mention of visa fees from onboarding doc (Darshan Sen) #57526
• [1041331094] - doc: deprecate passing args to spawn and execFile (Antoine du Hamel) #57389
• [06994d5a75] - doc: remove some inconsistencies in deprecations.md (Antoine du Hamel) #57512
• [707f851ba3] - doc: run license-builder (github-actions[bot]) #57511
• [a7793195d6] - doc: add new writing-docs contributing md (Dario Piotrowicz) #57502
• [30d4a43b3d] - doc: add node.js streams references to Web Streams doc (Dario Piotrowicz) #57393
• [e08365980b] - doc: prefer to sign commits under nodejs repository (Rafael Gonzaga) #57311
• [c35e1f9048] - doc: fixed the incorrect splitting of multiple words (letianpailove) #57454
• [3e1f3bc2bb] - doc: add review guidelines for collaborator nominations (Antoine du Hamel) #57449
• [fef3f82a41] - doc: add history info for --use-system-ca (Darshan Sen) #57432
• [96afdf949d] - doc: remove typo YAML snippet from tls.getCACertificates doc (Darshan Sen) #57459
• [800d61d47e] - doc: fix typo in sqlite.md (Tobias Nießen) #57473
• [4876aee775] - doc: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) #57426
• [2dd72c658f] - doc: update maintaining-openssl.md for openssl (Richard Lau) #57413
• [a49fd31f04] - doc: add missing deprecated badges in fs.md (Yukihiro Hasegawa) #57384
• [3a4ed77674] - doc: add note about sync nodejs-private branches (Rafael Gonzaga) #57404
• [1025e6dc7c] - doc: update Xcode version used for arm64 and pkg (Michaël Zasso) #57104
• [77b9e04a70] - doc: improve type stripping documentation (Marco Ippolito) #56916
• [3a75e8410d] - doc: specificy support for erasable ts syntax (Marco Ippolito) #56916
• [69f12f9686] - doc: make first parameter optional in util.getCallSites (Deokjin Kim) #57387
• [2b4e737ffb] - doc: fix usage of module.registerSync in comment (Timo Kössler) #57328
• [f320593958] - doc: add Darshan back as voting TSC member (Michael Dawson) #57402
• [2b7765469a] - doc: revise webcrypto.md types, interfaces, and added versions (Filip Skokan) #57376
• [649828c74a] - doc: add info on how project manages social media (Michael Dawson) #57318
• [2a2e1cfd71] - doc: revise tsconfig.json note (Steven) #57353
• [17883b1d46] - doc: use more clear name in getSystemErrorMessage's example (ikuma-t) #57310
• [7feed9989b] - doc: recommend setting noEmit: true in tsconfig.json (Steven) #57320
• [fe707ab162] - doc: ping nodejs/tsc for each security pull request (Rafael Gonzaga) #57309
• [f3c58ab693] - doc: fix Windows ccache section position (Stefan Stojanovic) #57326
• [e69170bacd] - doc: update node-api version matrix (Chengzhong Wu) #57287
• [0bc1fd2245] - doc: recommend erasableSyntaxOnly in ts docs (Rob Palmer) #57271
• [068013744e] - doc: clarify path.isAbsolute is not path traversal mitigation (Eric Fortis) #57073
• [238b0e856e] - doc: fix rendering of DEP0174 description (David Sanders) #56835
• [db0bcefd14] - doc: add 1ilsang to triage team (1ilsang) #57183
• [52a593feab] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241
• [89f4475e32] - doc: add missing assert return types (Colin Ihrig) #57219
• [62b6d94c03] - doc: add streamResetBurst and streamResetRate (Sujal Raj) #57195
• [f150017e70] - doc: add esm examples to node:util (Alfredo González) #56793
• [99465ffa9c] - doc: update options to filehandle.appendFile() (Hasegawa-Yukihiro) #56972
• [6242520a90] - doc: add additional caveat for fs.watch (Michael Dawson) #57150
• [19cda4791a] - doc: fix typo in Windows building instructions (Tim Jacomb) #57158
• [ef206add59] - doc: fix web.libera.chat link in pull-requests.md (Samuel Bronson) #57076
• [7243c1713d] - doc: remove buffered flag from performance hooks examples (Pavel Romanov) #52607
• [617fe71f67] - doc: fix 'introduced_in' version in typescript module (1ilsang) #57109
• [6cc15b8dc9] - doc: fix link and history of SourceMap sections (Antoine du Hamel) #57098
• [6be8189041] - doc: add module namespace object links (Dario Piotrowicz) #57093
• [8611c4a3ea] - doc: disambiguate pseudo-code statement (Dario Piotrowicz) #57092
• [79da145a55] - doc: update clang-cl on Windows building guide (Joyee Cheung) #57087
• [845eaf91be] - doc: fix wrong articles used to address modules (Dario Piotrowicz) #57090
• [42c5e23eb1] - doc: modules.md: fix distance definition (Alexander “weej” Jones) #57046
• [bda851aaa3] - doc: fix wrong verb form (Dario Piotrowicz) #57091
• [64e13fd36e] - doc: fix transpiler loader hooks documentation (Joyee Cheung) #57037
• [51494d8b78] - doc: add a note about require('../common') in testing documentation (Aditi) #56953
• [053b128e9c] - doc: recommend writing tests in new files and including comments (Joyee Cheung) #57028
• [a20c62a00c] - doc: improve documentation on argument validation (Aditi) #56954
• [2921658813] - doc: buffer: fix typo on Buffer.copyBytesFrom( offset option (tpoisseau) #57015
• [6f4ab1c9b2] - doc: update cleanup to trust on vuln db automation (Rafael Gonzaga) #57004
• [5285facb3e] - doc: move stability index after history section for consistency (Antoine du Hamel) #56997
• [a7646e17ff] - doc: add signal to filehandle.writeFile() options (Yukihiro Hasegawa) #56804
• [ba031089e6] - doc: run license-builder (github-actions[bot]) #56985
• [afa6f93a32] - doc: update history of stream.Readable.toWeb() (Jimmy Leung) #56928
• [cc644de126] - doc: make MDN links to global classes more consistent (Antoine du Hamel) #56924
• [93bba4eee1] - doc: make MDN links to global classes more consistent in assert.md (Antoine du Hamel) #56920
• [ad03c85f98] - doc: make MDN links to global classes more consistent (Antoine du Hamel) #56923
• [96c2a90dee] - doc: make MDN links to global classes more consistent in util.md (Antoine du Hamel) #56922
• [6bb73c0745] - doc: make MDN links to global classes more consistent in buffer.md (Antoine du Hamel) #56921
• [824cf35475] - doc: update post sec release process (Rafael Gonzaga) #56907
• [027749eb17] - doc: update websocket link to avoid linking to self (Chengzhong Wu) #56897
• [5dcb9d632b] - doc: mark --env-file-if-exists flag as experimental (Juan José) #56893
• [4f6d751bf5] - doc: fix typo in cjs example of util.styleText (Deokjin Kim) #56769
• [313d9db7a5] - doc: clarify sqlite user-defined function behaviour (René) #56786
• [eff42956c4] - doc: correct customization hook types & clarify descriptions (Jacob Smith) #56454
• [64180421c2] - events: getMaxListeners detects 0 listeners (Matthew Aitken) #56807
• [2de27787b4] - fs: apply exclude function to root path (Rich Trott) #57420
• [b6df9e350a] - fs: handle UV_ENOTDIR in fs.statSync with throwIfNoEntry provided (Juan José Arboleda) #56996
• [14b2d496a0] - fs: make FileHandle.readableWebStream always create byte streams (Ian Kerins) #55461
• [10d2f1d898] - http: coerce content-length to number (Marco Ippolito) #57458
• [9192b7fa25] - http: be more generational GC friendly (ywave620) #56767
• [1cf98a8788] - inspector: convert event params to protocol without json (Chengzhong Wu) #57027
• [6dcad868bb] - inspector: skip promise hook in the inspector async hook (Joyee Cheung) #57148
• [787e93f75a] - inspector: add Network.Initiator in inspector protocol (Chengzhong Wu) #56805
• [c7c04d0dc8] - inspector: fix GN build (Cheng) #56798
• [177da9c3c3] - inspector: fix StringUtil::CharacterCount for unicodes (Chengzhong Wu) #56788
• [1b5418eeea] - lib: add warning when binding inspector to public IP (Demian Parkhomenko) #55736
• [cc4d33842b] - lib: limit split function calls to prevent excessive array length (Gürgün Dayıoğlu) #57501
• [0546612d1d] - lib: make getCallSites sourceMap option truly optional (James M Snell) #57388
• [d7d54e6bf3] - lib: optimize priority queue (Gürgün Dayıoğlu) #57100
• [62761c73a1] - lib: fixup incorrect argument order in assertEncoding (James M Snell) #57177
• [5dce55c376] - meta: add some clarification to the nomination process (James M Snell) #57503
• [a2a4cf1d95] - meta: remove collaborator self-nomination (Rich Trott) #57537
• [244f74b844] - meta: edit collaborator nomination process (Antoine du Hamel) #57483
• [dec204bb3f] - meta: move ovflowd to emeritus (Claudio W.) #57443
• [c0b8b84384] - meta: bump codecov/codecov-action from 5.3.1 to 5.4.0 (dependabot[bot]) #57257
• [14cbe292da] - meta: bump github/codeql-action from 3.28.8 to 3.28.10 (dependabot[bot]) #57254
• [69d2dd69e2] - meta: bump ossf/scorecard-action from 2.4.0 to 2.4.1 (dependabot[bot]) #57253
• [5f3428ded6] - meta: move RaisinTen back to collaborators, triagers and SEA champion (Darshan Sen) #57292
• [3eea8c72fc] - meta: bump actions/download-artifact from 4.1.8 to 4.1.9 (dependabot[bot]) #57260
• [2508893edb] - meta: bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (dependabot[bot]) #57259
• [fc09523f44] - meta: bump step-security/harden-runner from 2.10.4 to 2.11.0 (dependabot[bot]) #57258
• [b162402440] - meta: bump actions/cache from 4.2.0 to 4.2.2 (dependabot[bot]) #57256
• [f781be1332] - meta: bump actions/upload-artifact from 4.6.0 to 4.6.1 (dependabot[bot]) #57255
• [7934ad9fc0] - meta: bump actions/setup-python from 5.3.0 to 5.4.0 (dependabot[bot]) #56867
• [eb4fb9ce90] - meta: bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (dependabot[bot]) #56866
• [a14e7f1cc4] - meta: bump mozilla-actions/sccache-action from 0.0.6 to 0.0.7 (dependabot[bot]) #56865
• [6c8a9e3d0d] - meta: bump codecov/codecov-action from 5.0.7 to 5.3.1 (dependabot[bot]) #56864
• [f438c27cbf] - meta: bump step-security/harden-runner from 2.10.2 to 2.10.4 (dependabot[bot]) #56863
• [24b7fcb153] - meta: bump actions/cache from 4.1.2 to 4.2.0 (dependabot[bot]) #56862
• [a0afc47988] - meta: bump actions/stale from 9.0.0 to 9.1.0 (dependabot[bot]) #56860
• [8abf4e5d7d] - meta: bump github/codeql-action from 3.27.5 to 3.28.8 (dependabot[bot]) #56859
• [c5bff736e9] - meta: add CODEOWNERS for SQLite (Colin Ihrig) #57147
• [fd2abaa088] - meta: update last name for jkrems (Jan Martin) #57006
• [2383f00aae] - meta: bump actions/upload-artifact from 4.4.3 to 4.6.0 (dependabot[bot]) #56861
• [35b3140d03] - meta: bump actions/setup-node from 4.1.0 to 4.2.0 (dependabot[bot]) #56868
• [815fcef73d] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #56889
• [08001127a2] - meta: add @nodejs/url as codeowner (Chengzhong Wu) #56783
• [3ceda2a035] - module: handle cached linked async jobs in require(esm) (Joyee Cheung) #57187
• [4c29cc7e6b] - module: add dynamic file-specific ESM warnings (Mert Can Altin) #56628
• [d1845edd21] - module: improve error message from asynchronicity in require(esm) (Joyee Cheung) #57126
• [41fa7d3c21] - module: allow omitting context in synchronous next hooks (Joyee Cheung) #57056
• [deddecce3a] - module: fix require.resolve() crash on non-string paths (Aditi) #56942
• [926b887534] - module: fixing url change in load sync hook chain (Vitalii Akimov) #56402
• [6b93ba723b] - (SEMVER-MINOR) module: use synchronous hooks for preparsing in import(cjs) (Joyee Cheung) #55698
• [b2e44a8079] - (SEMVER-MINOR) module: implement module.registerHooks() (Joyee Cheung) #55698
• [e79e67f6dc] - net: validate non-string host for socket.connect (Daeyeon Jeong) #57198
• [e23056212e] - net: replace brand checks with identity checks (Yagiz Nizipli) #57341
• [9c0d5e140b] - net: emit an error when custom lookup resolves to a non-string address (Edy Silva) #57192
• [2ce79787de] - (SEMVER-MINOR) process: add execve (Paolo Insogna) #56496
• [712db2232c] - readline: add support for Symbol.dispose (Antoine du Hamel) #57276
• [55fb81c0f1] - readline: fix unresolved promise on abortion (Daniel Venable) #54030
• [dfcd9b1ac2] - sea: suppress builtin warning with disableExperimentalSEAWarning option (koooge) #57086
• [bd5c90654a] - sqlite: add support for unknown named parameters (Colin Ihrig) #57552
• [ec571382a4] - sqlite: add DatabaseSync.prototype.isOpen (Colin Ihrig) #57522
• [bb3bbed126] - sqlite: add DatabaseSync.prototype[Symbol.dispose]() (Colin Ihrig) #57506
• [6067bea027] - sqlite: restore changes from #55373 (Colin Ihrig) #56908
• [bc672fcfdd] - (SEMVER-MINOR) sqlite: allow returning ArrayBufferViews from user-defined functions (René) #56790
• [227603dc30] - sqlite,test,doc: allow Buffer and URL as database location (Edy Silva) #56991
• [9dd324467a] - src: cleanup aliased_buffer.h (Mohammed Keyvanzadeh) #57395
• [45a2b8532b] - src: do not pass nullptr to std::string ctor (Charles Kerr) #57354
• [854370a06c] - src: fix process exit listeners not receiving unsettled tla codes (Dario Piotrowicz) #56872
• [f7fb259193] - src: refactor SubtleCrypto algorithm and length validations (Filip Skokan) #57319
• [c7bcc2d6c8] - src: allow embedder customization of OOMErrorHandler (Shelley Vohr) #57325
• [fbd8862156] - src: use Maybe<void> in ProcessEmitWarningSync (Daeyeon Jeong) #57250
• [04de550289] - src: make even more improvements to error handling (James M Snell) #57264
• [f1c5e46f89] - src: use cached emit v8::String (Daeyeon Jeong) #57249
• [65b8e12689] - src: refactor SubtleCrypto algorithm and length validations (Filip Skokan) #57273
• [b6091a8b21] - src: make more error handling improvements (James M Snell) #57262
• [3bd8a6c76e] - src: fix typo in comment (Antoine du Hamel) #57291
• [f7e39385ae] - src: improve error handling in node_messaging.cc (James M Snell) #57211
• [1bb561bede] - src: improve error handling in tty_wrap.cc (James M Snell) #57211
• [567d321a40] - src: improve error handling in tcp_wrap.cc (James M Snell) #57211
• [f8bee871f7] - src: fix ThrowInvalidURL call in PathToFileURL (Daniel M Brasil) #57141
• [817f7d0e2e] - src: improve error handling in buffer and dotenv (James M Snell) #57189
• [11ef7f9d9c] - src: improve error handling in module_wrap (James M Snell) #57188
• [3b08d718b1] - src: improve error handling in spawn_sync (James M Snell) #57185
• [9221c2ad87] - src: detect whether the string is one byte representation or not (theweipeng) #56147
• [e323694772] - src: fix crash when lazy getter is invoked in a vm context (Chengzhong Wu) #57168
• [9363b05a91] - src: do not format single string argument for THROW_ERR_* (Joyee Cheung) #57126
• [5d6a1bc35b] - src: move instead of copy shared pointer in node_blob (Michaël Zasso) #57120
• [5dab48fd9f] - src: replace NewFromUtf8 with OneByteString where appropriate (James M Snell) #57096
• [0fe60b478d] - src: port defineLazyProperties to native code (Antoine du Hamel) #57081
• [792959db1d] - src: improve error handling in node_blob (James M Snell) #57078
• [e05e2cfb1e] - src: fix accessing empty string (Cheng) #57014
• [619e52ce8d] - src: lock the isolate properly in IsolateData destructor (Joyee Cheung) #57031
• [844a4a884d] - src: add self-assigment memcpy checks (Burkov Egor) #56986
• [0d1e79740f] - src: improve node::Dotenv trimming (Dario Piotrowicz) #56983
• [50f164e23b] - src: improve error handling in string_bytes/decoder (James M Snell) #56978
• [93aa4393a4] - src: improve error handling in process_wrap (James M Snell) #56977
• [c1c824e38d] - src: use args.This() in zlib (Michaël Zasso) #56988
• [0a8e474bdc] - src: add nullptr handling for NativeKeyObject (Burkov Egor) #56900
• [1ea6198a5a] - src: disallow copy/move fns/constructors (Yagiz Nizipli) #56811
• [e4100853cb] - src: add a hard dependency v8_inspector_headers (Chengzhong Wu) #56805
• [a1f92898c0] - src: improve error handling in encoding_binding.cc (James M Snell) #56915
• [dee8793d94] - src: improve error handling in permission.cc (James M Snell) #56904
• [f41bc4cfd7] - src: improve error handling in node_sqlite (James M Snell) #56891
• [e4df6181bf] - src: improve error handling in node_os by removing ToLocalChecked (James M Snell) #56888
• [2c96e7a32c] - src: improve error handling in node_url (James M Snell) #56886
• [36926ae8d8] - src: add check for Bignum in GroupOrderSize (Burkov Egor) #56702
• [a68f127a30] - src: reduce string allocations on sqlite (Yagiz Nizipli) #57227
• [e41b1735f1] - stream: fix sizeAlgorithm validation in WritableStream (Daeyeon Jeong) #57280
• [3bc877dc5c] - test: add more number cases for buffer.indexOf (Meghan Denny) #57200
• [cac9a4e832] - test: update parallel/test-tls-dhe for OpenSSL 3.5 (Richard Lau) #57477
• [3082ab3a64] - test: module syntax should throw (Marco Ippolito) #57121
• [9b0dfc9a44] - test: update snapshots for amaro v0.3.2 (Marco Ippolito) #56916
• [2defc35ea8] - test: test runner run plan (Pietro Marchini) #57304
• [ccb3df70be] - test: update WPT for WebCryptoAPI to edd42c005c (Node.js GitHub Bot) #57365
• [528103c5d0] - test: simplify test-tls-connect-abort-controller.js (Yagiz Nizipli) #57338
• [17e21e6eb5] - test: use assert.match in test-esm-import-meta (Antoine du Hamel) #57290
• [77bbee5184] - test: update compression wpt (Yagiz Nizipli) #56960
• [4fe88f8f53] - Revert "test: temporary remove resource check from fs read-write" (Rafael Gonzaga) #56906
• [766efc7758] - test: more common.mustNotCall in net, tls (Meghan Denny) #57246
• [562e635e11] - test: swap assert.strictEqual() parameters (Luigi Pinca) #57217
• [64fdfd5622] - test: assert write return values in buffer-bigint64 (Meghan Denny) #57212
• [dd538e7cf1] - test: allow embedder running async context frame test (Shelley Vohr) #57193
• [937bbeb2b6] - test: resolve race condition in test-net-write-fully-async-* (Matteo Collina) #57022
• [32df9f27d8] - test: add doAppendAndCancel test (Hasegawa-Yukihiro) #56972
• [90c98df258] - test: fix test-without-async-context-frame.mjs in debug mode (Joyee Cheung) #57034
• [974817c9fc] - test: make eval snapshot comparison more flexible (Shelley Vohr) #57020
• [09741cd129] - test: simplify test-http2-client-promisify-connect-error (Luigi Pinca) #57144
• [89f3feb364] - test: improve error output of test-http2-client-promisify-connect-error (Antoine du Hamel) #57135
• [25751eba4d] - test: add case for unrecognised fields within pjson "exports" (Jacob Smith) #57026
• [bf0b9fa7c0] - test: remove unnecessary assert requiring from tests (Dario Piotrowicz) #57008
• [8cfb2df466] - test: reduce flakiness on test-net-write-fully-async-buffer (Yagiz Nizipli) #56971
• [43c8c101da] - test: remove flakiness on macOS test (Yagiz Nizipli) #56971
• [bd47178f7f] - test: improve timeout duration for debugger events (Yagiz Nizipli) #56970
• [65694aa2fd] - test: remove unnecessary syscall to cpuinfo (Yagiz Nizipli) #56968
• [5633c4b2df] - test: update webstorage wpt (Yagiz Nizipli) #56963
• [2244a2776a] - test: execute shell directly for refresh() (Yagiz Nizipli) #55051
• [afae4b1216] - test: change jenkins reporter (Carlos Espa) #56808
• [b26592a7c4] - test: fix race condition in test-child-process-bad-stdio (Colin Ihrig) #56845
• [72c2279649] - test: adjust check to use OpenSSL sec level (Michael Dawson) #56819
• [9551b27651] - test: test-crypto-scrypt.js doesn't need internals (Meghan Denny) #56673
• [3095db84be] - test: set test-fs-cp as flaky (Stefan Stojanovic) #56799
• [31f98d7ccd] - test: search cctest files (Chengzhong Wu) #56791
• [267f17d5f6] - test: convert test_encoding_binding.cc to a JS test (Chengzhong Wu) #56791
• [a875d7bdd1] - test: test-crypto-prime.js doesn't need internals (Meghan Denny) #56675
• [85482d69c6] - test: temporary remove resource check from fs read-write (Rafael Gonzaga) #56789
• [ec63d72f16] - test: mark test-without-async-context-frame flaky on windows (James M Snell) #56753
• [f16acc8521] - test: remove unnecessary code (Luigi Pinca) #56784
• [0573c19a97] - test: mark test-esm-loader-hooks-inspect-wait flaky (Richard Lau) #56803
• [48e0fd3f13] - test: update WPT for url to a23788b77a (Node.js GitHub Bot) #56779
• [642959b87f] - test: remove duplicate error reporter from ci (Carlos Espa) #56739
• [2023237b4e] - test,crypto: make tests work for BoringSSL (Shelley Vohr) #57021
• [1b33b976ec] - test_runner: refactor testPlan counter increse (Pietro Marchini) #56765
• [d860f2bf42] - test_runner: differentiate test types in enqueue dequeue events (Eddie Abbondanzio) #54049
• [993bab646c] - test_runner: print formatted errors on summary (Pietro Marchini) #56911
• [3ed3ba438f] - test_runner: allow special characters in snapshot keys (Carlos Espa) #57017
• [d1da9a3a2f] - timers: optimize timer functions with improved argument handling (Gürgün Dayıoğlu) #57072
• [44aa13990a] - timers: remove unnecessary allocation of _onTimeout (Gürgün Dayıoğlu) #57497
• [401b965977] - timers: remove unused parameter from insertGuarded (Gürgün Dayıoğlu) #57251
• [9eac9c02c9] - timers: simplify the compareTimersLists function (Gürgün Dayıoğlu) #57110
• [01215af350] - tls: remove unnecessary type check on normalize (Yagiz Nizipli) #57336
• [f5e2b12a60] - (SEMVER-MINOR) tls: implement tls.getCACertificates() (Joyee Cheung) #57107
• [7a777cdb58] - tools: fix WPT update cron string (Antoine du Hamel) #57665
• [c6d90dbf9b] - tools: remove stalled label on unstalled issues and PRs (Rich Trott) #57630
• [96f7f64602] - tools: update sccache to support GH cache changes (Michaël Zasso) #57573
• [0b87027520] - tools: bump @babel/helpers from 7.26.9 to 7.26.10 in /tools/eslint (dependabot[bot]) #57444
• [7d561eb90c] - tools: add config subspace (Marco Ippolito) #57239
• [46efdbf59f] - tools: import rather than require ESLint plugins (Michaël Zasso) #57315
• [502bfaf876] - tools: switch back to official OpenSSL (Richard Lau) #57301
• [ea821f419d] - tools: revert to use @stylistic/eslint-plugin-js v3 (Joyee Cheung) #57314
• [bb857615d3] - tools: add more details about rolling inspector_protocol (Chengzhong Wu) #57167
• [3f29d39c1b] - tools: bump the eslint group in /tools/eslint with 5 updates (dependabot[bot]) #57261
• [b3caac83d4] - tools: remove deps/zlib/GN-scraper.py (Chengzhong Wu) #57238
• [ace99ffe79] - tools: run Linux tests on GitHub arm64 runners as well (Dennis Ameling) #57162
• [e65e6269b7] - tools: consolidate 'introduced_in' check for docs (1ilsang) #57109
• [890841e64b] - tools: do not run major-release workflow on forks (Rich Trott) #57064
• [e3f86c5a0c] - tools: fix release URL computation in update-root-certs.mjs (Joyee Cheung) #56843
• [280316f773] - tools: add support for import source syntax in linter (Antoine du Hamel) #56992
• [998b2ae3cd] - tools: bump eslint version (dependabot[bot]) #56869
• [ca4121b95a] - tools: remove test-asan/ubsan workflows (Michaël Zasso) #56823
• [866ac37255] - tools: run macOS test workflow with Xcode 16.1 (Michaël Zasso) #56831
• [55ca46ad8e] - tools: update sccache and sccache-action (Michaël Zasso) #56815
• [be9c1c93a8] - tools: fix license-builder for inspector_protocol (Michaël Zasso) #56814
• [6dab980fab] - typings: fix ImportModuleDynamicallyCallback return type (Chengzhong Wu) #57160
• [e301098854] - util: avoid run debug when enabled is false (fengmk2) #57494
• [17016d7722] - (SEMVER-MINOR) util: expose diff function used by the assertion errors (Giovanni Bucci) #57462
• [42b9e19f6b] - util: enforce shouldColorize in styleText array arg (Marco Ippolito) #56722
• [5ed6d8be40] - (SEMVER-MINOR) v8: add v8.getCppHeapStatistics() method (Aditi) #57146
• [c06d218b23] - win,build: add option to enable Control Flow Guard (Hüseyin Açacak) #56605
• [8202211140] - win,test: disable test case failing with ClangCL (Stefan Stojanovic) #57397
• [1a12b4c119] - zlib: use modern class syntax for zstd classes (Yagiz Nizipli) #56965
• [f9b3680268] - zlib: make all zstd functions experimental (Yagiz Nizipli) #56964
• [4991e5d826] - (SEMVER-MINOR) zlib: add zstd support (Jan Martin) #52100

• [d5e73ce0f8] - deps: update undici to 6.21.2 (Matteo Collina) #57442
• [e4a6323ab2] - deps: update c-ares to v1.34.5 (Node.js GitHub Bot) #57792

• [d5e73ce0f8] - deps: update undici to 6.21.2 (Matteo Collina) #57442
• [e4a6323ab2] - deps: update c-ares to v1.34.5 (Node.js GitHub Bot) #57792
• [b2b9eb36af] - dns: restore dns query cache ttl (Ethan Arrowood) #57640
• [07a99a5c0b] - doc: correct status of require(esm) warning in v20 changelog (Joyee Cheung) #57529
• [d45517ccbf] - meta: bump Mozilla-Actions/sccache-action from 0.0.8 to 0.0.9 (dependabot[bot]) #57720
• [fa93bb2633] - test: update parallel/test-tls-dhe for OpenSSL 3.5 (Richard Lau) #57477
• [29c032403c] - tools: update sccache to support GH cache changes (Michaël Zasso) #57573

• [64b086740a] - (SEMVER-MINOR) assert: implement partial error comparison (Ruben Bridgewater) #57370
• [053cef70e0] - (SEMVER-MINOR) crypto: add optional callback to crypto.diffieHellman (Filip Skokan) #57274
• [f8aff90235] - (SEMVER-MINOR) process: add execve (Paolo Insogna) #56496
• [4b04c92d7d] - (SEMVER-MINOR) sqlite: add StatementSync.prototype.columns() (Colin Ihrig) #57490
• [1b8d1d3a3a] - (SEMVER-MINOR) util: expose diff function used by the assertion errors (Giovanni Bucci) #57462

• [7b72396c8b] - assert: improve partialDeepStrictEqual performance (Ruben Bridgewater) #57509
• [64b086740a] - (SEMVER-MINOR) assert: implement partial error comparison (Ruben Bridgewater) #57370
• [f694d7de0e] - (SEMVER-MINOR) assert: improve partialDeepStrictEqual (Ruben Bridgewater) #57370
• [80d9d5653f] - (SEMVER-MINOR) assert,util: improve performance (Ruben Bridgewater) #57370
• [d52a71f832] - (SEMVER-MINOR) benchmark: adjust assert runtimes (Ruben Bridgewater) #57370
• [7592cf4cd7] - (SEMVER-MINOR) benchmark: skip running some assert benchmarks by default (Ruben Bridgewater) #57370
• [e4cc54a746] - (SEMVER-MINOR) benchmark: add assert partialDeepStrictEqual benchmark (Ruben Bridgewater) #57370
• [de48407011] - build: fix update-wpt workflow (Jonas) #57468
• [52cd0954f9] - cli: clarify --cpu-prof-name allowed values (Eugenio Ceschia) #57433
• [7611fc14de] - crypto: fix output of privateDecrypt with zero-length data (Filip Skokan) #57575
• [cc42ee8fc7] - crypto: ensure expected JWK alg in SubtleCrypto.importKey RSA imports (Filip Skokan) #57450
• [053cef70e0] - (SEMVER-MINOR) crypto: add optional callback to crypto.diffieHellman (Filip Skokan) #57274
• [1f08864fd7] - debugger: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) #57498
• [162b2828eb] - deps: update undici to 6.21.2 (Matteo Collina) #57442
• [43bea6bb80] - deps: V8: cherry-pick c172ffc5bf54 (Choongwoo Han) #57437
• [99f93afb9d] - deps: update ada to v3.2.1 (Yagiz Nizipli) #57429
• [30e5658f12] - deps: update googletest to 0bdccf4 (Node.js GitHub Bot) #57380
• [573467c070] - deps: update acorn to 8.14.1 (Node.js GitHub Bot) #57382
• [affeaac0c7] - doc: add gurgunday as triager (Gürgün Dayıoğlu) #57594
• [4ed1a098f5] - doc: clarify behaviour of node-api adjust function (Michael Dawson) #57463
• [921041b284] - doc: remove Corepack documentation (Antoine du Hamel) #57635
• [99dbd8b391] - doc: remove mention of --require not supporting ES modules (Huáng Jùnliàng) #57620
• [8c76b2949e] - doc: mention reports should align with Node.js CoC (Rafael Gonzaga) #57607
• [ee1c78a7a3] - doc: add section stating that very stale PRs should be closed (Dario Piotrowicz) #57541
• [595e9e5ad6] - doc: add bjohansebas as triager (Sebastian Beltran) #57564
• [3742d2a198] - doc: update support channels (Claudio W.) #57538
• [717c44dead] - doc: make stability labels more consistent (Antoine du Hamel) #57516
• [b4576a6f57] - doc: remove cryptoStream API reference (Jonas) #57579
• [2c4f894036] - doc: module resolution pseudocode corrections (Marcel Laverdet) #57080
• [c45894f90c] - doc: add history entry for DEP0190 in child_process.md (Antoine du Hamel) #57544
• [c21068b696] - doc: remove deprecated pattern in child_process.md (Antoine du Hamel) #57568
• [87e0dda352] - doc: mark multiple experimental APIS as stable (James M Snell) #57510
• [d637763e4e] - doc: remove mertcanaltin from Triagers (Mert Can Altin) #57531
• [ee6025495d] - doc: recommend watching the collaborators repo in the onboarding doc (Darshan Sen) #57527
• [706b64638b] - doc: remove mention of visa fees from onboarding doc (Darshan Sen) #57526
• [176d951bd0] - doc: deprecate passing args to spawn and execFile (Antoine du Hamel) #57389
• [5c05ba119b] - doc: remove some inconsistencies in deprecations.md (Antoine du Hamel) #57512
• [9d5be4bb8c] - doc: run license-builder (github-actions[bot]) #57511
• [273607edb4] - doc: add new writing-docs contributing md (Dario Piotrowicz) #57502
• [e28c723f24] - doc: add node.js streams references to Web Streams doc (Dario Piotrowicz) #57393
• [47296492ba] - doc: replace NOTEs that do not render properly (Colin Ihrig) #57484
• [db9c37f792] - doc: prefer to sign commits under nodejs repository (Rafael Gonzaga) #57311
• [e5e3987ae7] - doc: fixed the incorrect splitting of multiple words (letianpailove) #57454
• [91a824e43b] - doc: add review guidelines for collaborator nominations (Antoine du Hamel) #57449
• [2a5fcb2172] - doc: fix typo in url.md (Allon Murienik) #57467
• [17ccf9282f] - doc: add history info for --use-system-ca (Darshan Sen) #57432
• [9adaaeb965] - doc: remove typo YAML snippet from tls.getCACertificates doc (Darshan Sen) #57459
• [ee4e855f8e] - doc: fix typo in sqlite.md (Tobias Nießen) #57473
• [8cb3441443] - doc: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) #57426
• [27f183ad03] - doc: update maintaining-openssl.md for openssl (Richard Lau) #57413
• [ca67145d60] - doc: add missing deprecated badges in fs.md (Yukihiro Hasegawa) #57384
• [3687390510] - doc: fix small typo in process.md (Felix Rieseberg) #57333
• [097d9926e3] - doc: add note about sync nodejs-private branches (Rafael Gonzaga) #57404
• [5006627969] - fs: apply exclude function to root path (Rich Trott) #57420
• [0583c3db92] - http: coerce content-length to number (Marco Ippolito) #57458
• [2a580b9332] - lib: add warning when binding inspector to public IP (Demian Parkhomenko) #55736
• [fda56b9837] - lib: limit split function calls to prevent excessive array length (Gürgün Dayıoğlu) #57501
• [d5a26f6525] - lib: make getCallSites sourceMap option truly optional (James M Snell) #57388
• [00a5b18043] - meta: add some clarification to the nomination process (James M Snell) #57503
• [d0c96c463c] - meta: remove collaborator self-nomination (Rich Trott) #57537
• [a9a93f31ee] - meta: edit collaborator nomination process (Antoine du Hamel) #57483
• [0ca362f5f2] - meta: move ovflowd to emeritus (Claudio W.) #57443
• [f8aff90235] - (SEMVER-MINOR) process: add execve (Paolo Insogna) #56496
• [e8d4a31d4b] - sqlite: add support for unknown named parameters (Colin Ihrig) #57552
• [5652da642d] - sqlite: add DatabaseSync.prototype.isOpen (Colin Ihrig) #57522
• [5c976f16cd] - sqlite: add DatabaseSync.prototype[Symbol.dispose]() (Colin Ihrig) #57506
• [4b04c92d7d] - (SEMVER-MINOR) sqlite: add StatementSync.prototype.columns() (Colin Ihrig) #57490
• [7f5e31645c] - src: ensure primordials are initialized exactly once (Chengzhong Wu) #57519
• [9611980f58] - src: improve error handling in multiple files (James M Snell) #57507
• [3ddc5cd875] - src: cache urlpattern properties (JonasBa) #57465
• [b9d9ee4da2] - src: make minor cleanups in encoding_binding.cc (James M Snell) #57448
• [f8acf2dd2a] - src: make minor cleanups in compile_cache.cc (James M Snell) #57448
• [6ee15c6509] - src: define urlpattern components using a macro (JonasBa) #57452
• [4ab3c1690a] - src: cleanup crypto more (James M Snell) #57323
• [5be80b1748] - src: refine ncrypto more (James M Snell) #57300
• [6a13319a6e] - src: cleanup aliased_buffer.h (Mohammed Keyvanzadeh) #57395
• [3cff7f80bb] - src: suggest --use-system-ca when a certificate error occurs (Aditi) #57362
• [3d372ad9f3] - test: update WPT for urlpattern to 6ceca69d26 (Node.js GitHub Bot) #57486
• [481ea665af] - test: add more number cases for buffer.indexOf (Meghan Denny) #57200
• [27b01ed4e7] - test: update parallel/test-tls-dhe for OpenSSL 3.5 (Richard Lau) #57477
• [8f7debcf41] - timers: optimize timer functions with improved argument handling (Gürgün Dayıoğlu) #57072
• [d4abd9d3fb] - timers: remove unnecessary allocation of _onTimeout (Gürgün Dayıoğlu) #57497
• [f8f81c8ba2] - timers: remove unused parameter from insertGuarded (Gürgün Dayıoğlu) #57251
• [c4fdb27b51] - tls: remove unnecessary type check on normalize (Yagiz Nizipli) #57336
• [ad5dcc5798] - tools: fix WPT update cron string (Antoine du Hamel) #57665
• [7faa482588] - tools: remove stalled label on unstalled issues and PRs (Rich Trott) #57630
• [e3bb26da2b] - tools: update sccache to support GH cache changes (Michaël Zasso) #57573
• [f0c9f505d9] - tools: bump @babel/helpers from 7.26.9 to 7.26.10 in /tools/eslint (dependabot[bot]) #57444
• [a40ff1f646] - url: fix constructor error message for URLPattern (jakecastelli) #57482
• [f36bee4b89] - util: avoid run debug when enabled is false (fengmk2) #57494
• [1b8d1d3a3a] - (SEMVER-MINOR) util: expose diff function used by the assertion errors (Giovanni Bucci) #57462
• [1f7b08a317] - win,test: disable test case failing with ClangCL (Stefan Stojanovic) #57397

This release updates OpenSSL to 3.0.16 and root certificates to NSS 3.108.

• [f737a79073] - async_hooks,inspector: implement inspector api without async_wrap (Gabriel Bota) #51501
• [fce923ba69] - build: update gcovr to 7.2 and codecov config (Benjamin E. Coe) #54019
• [8b7ffd807c] - build: fix compatibility with V8's depot_tools (Richard Lau) #57330
• [ee9a343413] - crypto: update root certificates to NSS 3.108 (Node.js GitHub Bot) #57381
• [738bf8aea4] - crypto: update root certificates to NSS 3.104 (Richard Lau) #55681
• [69d661d591] - deps: update undici to v5.29.0 (Matteo Collina) #57557
• [59fcf43b0e] - deps: update corepack to 0.32.0 (Node.js GitHub Bot) #57265
• [1b72869503] - deps: update archs files for openssl-3.0.16 (Node.js GitHub Bot) #57335
• [a566560235] - deps: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) #57335
• [50c4e1da2f] - doc: add missing deprecated badges in fs.md (Yukihiro Hasegawa) #57384
• [c3babb4671] - doc: update Xcode version used for arm64 and pkg (Michaël Zasso) #57104
• [784da606a6] - doc: fix link and history of SourceMap sections (Antoine du Hamel) #57098
• [f5dbceccbe] - test: update error code in tls-psk-circuit for for OpenSSL 3.4 (sebastianas) #56420

With the introduction of test runner, SEA, and other feature that require a lot of flags, a JSON config flag would improve by a lot the developer experience and increase adoption.

You can have a node.config.json containing:

{
  "$schema": "https://nodejs.org/dist/v23.10.0/docs/node-config-schema.json",
  "nodeOptions": {
    "test-coverage-lines": 80,
    "test-coverage-branches": 60
  }
}

You can run your tests without passing the flags defined in the config file.

node --experimental-default-config-file --test --experimental-test-coverage

or

node --experimental-config-file=node.config.json --test --experimental-test-coverage

Node.js will not sanitize or perform validation on the user-provided configuration, so only ever use trusted configuration files.

Contributed by Marco Ippolito in #57016 and #57171.

• [323e3ac93c] - crypto: update root certificates to NSS 3.108 (Node.js GitHub Bot) #57381
• [6fd2ec6816] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241
• [d8937f1742] - (SEMVER-MINOR) src: create THROW_ERR_OPTIONS_BEFORE_BOOTSTRAPPING (Marco Ippolito) #57016
• [5054fc7941] - (SEMVER-MINOR) test_runner: change ts default glob (Marco Ippolito) #57359
• [75f11ae1cc] - (SEMVER-MINOR) tls: implement tls.getCACertificates() (Joyee Cheung) #57107
• [a22c21ceb8] - (SEMVER-MINOR) v8: add v8.getCppHeapStatistics() method (Aditi) #57146

• [2daee76b26] - assert: improve myers diff performance (Giovanni Bucci) #57279
• [2fbd3bbea7] - build: fix compatibility with V8's depot_tools (Richard Lau) #57330
• [6a2e4c5fc1] - build,win: disable node pch with ccache (Stefan Stojanovic) #57224
• [323e3ac93c] - crypto: update root certificates to NSS 3.108 (Node.js GitHub Bot) #57381
• [906f23d0e7] - crypto: add support for intermediate certs in --use-system-ca (Tim Jacomb) #57164
• [03cd7920c8] - deps: update simdjson to 3.12.2 (Node.js GitHub Bot) #57084
• [9e1fce9a5c] - deps: update archs files for openssl-3.0.16 (Node.js GitHub Bot) #57335
• [4056c1f83e] - deps: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) #57335
• [b402799070] - deps: update corepack to 0.32.0 (Node.js GitHub Bot) #57265
• [ce1cfff79a] - deps: update amaro to 0.4.1 (marco-ippolito) #57121
• [0ac977d679] - deps: update gyp file for ngtcp2 1.11.0 (Richard Lau) #57225
• [f34d78df1f] - deps: update ada to 3.1.3 (Node.js GitHub Bot) #57222
• [4fe9916701] - dns: remove redundant code using common variable (Deokjin Kim) #57386
• [1c271b162b] - doc: make first parameter optional in util.getCallSites (Deokjin Kim) #57387
• [77668fffec] - doc: fix usage of module.registerSync in comment (Timo Kössler) #57328
• [9b4f7aac69] - doc: add Darshan back as voting TSC member (Michael Dawson) #57402
• [d44ccb319c] - doc: revise webcrypto.md types, interfaces, and added versions (Filip Skokan) #57376
• [f4de7cef01] - doc: add info on how project manages social media (Michael Dawson) #57318
• [792ef16921] - doc: revise tsconfig.json note (Steven) #57353
• [4e438c3fa3] - doc: use more clear name in getSystemErrorMessage's example (ikuma-t) #57310
• [5c9f1a40e4] - doc: recommend setting noEmit: true in tsconfig.json (Steven) #57320
• [e178acf9d8] - doc: ping nodejs/tsc for each security pull request (Rafael Gonzaga) #57309
• [fbe464e28c] - doc: fix Windows ccache section position (Stefan Stojanovic) #57326
• [3fe8eac0ba] - doc: update node-api version matrix (Chengzhong Wu) #57287
• [d2f49e7fcf] - doc: recommend erasableSyntaxOnly in ts docs (Rob Palmer) #57271
• [03844d99f8] - doc: clarify path.isAbsolute is not path traversal mitigation (Eric Fortis) #57073
• [0f8cd32986] - doc: fix rendering of DEP0174 description (David Sanders) #56835
• [f95ecca71f] - doc: add 1ilsang to triage team (1ilsang) #57183
• [6fd2ec6816] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241
• [b74e0ff7d7] - doc: add missing assert return types (Colin Ihrig) #57219
• [83eed33562] - doc: add streamResetBurst and streamResetRate (Sujal Raj) #57195
• [7f48811295] - doc: add esm examples to node:util (Alfredo González) #56793
• [5c20dcc166] - esm: fix module.exports export on CJS modules (Guy Bedford) #57366
• [041a217a4d] - fs: fix rmSync error code (Paul Schwabauer) #57103
• [cea50b7f39] - lib: optimize priority queue (Gürgün Dayıoğlu) #57100
• [5204d495ae] - meta: bump codecov/codecov-action from 5.3.1 to 5.4.0 (dependabot[bot]) #57257
• [89599be988] - meta: bump github/codeql-action from 3.28.8 to 3.28.10 (dependabot[bot]) #57254
• [66cd3850bc] - meta: bump ossf/scorecard-action from 2.4.0 to 2.4.1 (dependabot[bot]) #57253
• [6c22e446bc] - meta: set nodejs/config as codeowner (Marco Ippolito) #57237
• [ee5ce5ccde] - meta: move RaisinTen back to collaborators, triagers and SEA champion (Darshan Sen) #57292
• [0b0c9cc0f5] - meta: bump actions/download-artifact from 4.1.8 to 4.1.9 (dependabot[bot]) #57260
• [e6a98af8bd] - meta: bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (dependabot[bot]) #57259
• [91394aaf3d] - meta: bump step-security/harden-runner from 2.10.4 to 2.11.0 (dependabot[bot]) #57258
• [63dbbe7c91] - meta: bump actions/cache from 4.2.0 to 4.2.2 (dependabot[bot]) #57256
• [d5ccf174ad] - meta: bump actions/upload-artifact from 4.6.0 to 4.6.1 (dependabot[bot]) #57255
• [46b06be9a3] - module: handle cached linked async jobs in require(esm) (Joyee Cheung) #57187
• [718305db6f] - module: add dynamic file-specific ESM warnings (Mert Can Altin) #56628
• [4762f4ada5] - net: validate non-string host for socket.connect (Daeyeon Jeong) #57198
• [d07bd79ac5] - net: replace brand checks with identity checks (Yagiz Nizipli) #57341
• [a757f00747] - net: emit an error when custom lookup resolves to a non-string address (Edy Silva) #57192
• [984f7ef5bd] - readline: add support for Symbol.dispose (Antoine du Hamel) #57276
• [21b6423b9b] - sqlite: reset statement immediately in run() (Colin Ihrig) #57350
• [e80bbb7355] - sqlite,test,doc: allow Buffer and URL as database location (Edy Silva) #56991
• [3dc3207298] - src: do not pass nullptr to std::string ctor (Charles Kerr) #57354
• [5e51c62569] - src: fix process exit listeners not receiving unsettled tla codes (Dario Piotrowicz) #56872
• [bf788d9d86] - src: refactor SubtleCrypto algorithm and length validations (Filip Skokan) #57319
• [37664e8485] - src: fix node_config_file.h compilation error in GN build (Cheng) #57210
• [274c18a365] - (SEMVER-MINOR) src: set default config as node.config.json (Marco Ippolito) #57171
• [433657de8c] - src: namespace config file flags (Marco Ippolito) #57170
• [d8937f1742] - (SEMVER-MINOR) src: create THROW_ERR_OPTIONS_BEFORE_BOOTSTRAPPING (Marco Ippolito) #57016
• [9fd217daa9] - (SEMVER-MINOR) src: add config file support (Marco Ippolito) #57016
• [b17163b130] - src: allow embedder customization of OOMErrorHandler (Shelley Vohr) #57325
• [6f1c622466] - src: use Maybe<void> in ProcessEmitWarningSync (Daeyeon Jeong) #57250
• [4d86a42aa4] - src: remove redundant qualifiers in src/quic (Yagiz Nizipli) #56967
• [41ea5a2864] - src: make even more improvements to error handling (James M Snell) #57264
• [7a554d9bf3] - src: use cached emit v8::String (Daeyeon Jeong) #57249
• [b10ac9a958] - src: refactor SubtleCrypto algorithm and length validations (Filip Skokan) #57273
• [90cd780ca6] - src: make more error handling improvements (James M Snell) #57262
• [17c9e76722] - src: fix typo in comment (Antoine du Hamel) #57291
• [35c283a3f3] - src: reduce string allocations on sqlite (Yagiz Nizipli) #57227
• [185d1ffe93] - src: improve error handling in node_messaging.cc (James M Snell) #57211
• [96b2bfb88c] - src: improve error handling in tty_wrap.cc (James M Snell) #57211
• [f845ad953e] - src: improve error handling in tcp_wrap.cc (James M Snell) #57211
• [350f62de6c] - src: fix ThrowInvalidURL call in PathToFileURL (Daniel M Brasil) #57141
• [936a9997b2] - src: improve error handling in buffer and dotenv (James M Snell) #57189
• [975e2a5c1d] - src: improve error handling in module_wrap (James M Snell) #57188
• [3d103ecfbe] - src: improve error handling in spawn_sync (James M Snell) #57185
• [98d328a1d6] - src: detect whether the string is one byte representation or not (theweipeng) #56147
• [15d7908656] - stream: fix sizeAlgorithm validation in WritableStream (Daeyeon Jeong) #57280
• [b866755299] - test: test runner run plan (Pietro Marchini) #57304
• [e05e0e5772] - test: update WPT for urlpattern to 3b6b19853a (Node.js GitHub Bot) #57377
• [36542b5611] - test: update WPT for WebCryptoAPI to edd42c005c (Node.js GitHub Bot) #57365
• [28792ee59a] - test: skip test-config-json-schema with quic (Richard Lau) #57225
• [5a21fa4573] - test: add more coverage to node_config_file (Marco Ippolito) #57170
• [99b2369142] - test: simplify test-tls-connect-abort-controller.js (Yagiz Nizipli) #57338
• [4af2f7f9a8] - test: use assert.match in test-esm-import-meta (Antoine du Hamel) #57290
• [99abfb6172] - test: update compression wpt (Yagiz Nizipli) #56960
• [f8dde3a391] - test: skip uv-thread-name on IBM i (Abdirahim Musse) #57299
• [3bf546c317] - Revert "test: temporary remove resource check from fs read-write" (Rafael Gonzaga) #56906
• [8d0f1a7dbf] - test: module syntax should throw (Marco Ippolito) #57121
• [0fd3d91e3a] - test: more common.mustNotCall in net, tls (Meghan Denny) #57246
• [f803d6ca29] - test: swap assert.strictEqual() parameters (Luigi Pinca) #57217
• [eb3576fde0] - test: assert write return values in buffer-bigint64 (Meghan Denny) #57212
• [a08981025a] - test: allow embedder running async context frame test (Shelley Vohr) #57193
• [20c032ed98] - test: resolve race condition in test-net-write-fully-async-* (Matteo Collina) #57022
• [5054fc7941] - (SEMVER-MINOR) test_runner: change ts default glob (Marco Ippolito) #57359
• [0ad450f295] - timers: simplify the compareTimersLists function (Gürgün Dayıoğlu) #57110
• [75f11ae1cc] - (SEMVER-MINOR) tls: implement tls.getCACertificates() (Joyee Cheung) #57107
• [2b2267f203] - tools: add config subspace (Marco Ippolito) #57239
• [8e64d38e91] - tools: import rather than require ESLint plugins (Michaël Zasso) #57315
• [2569e56b95] - tools: switch back to official OpenSSL (Richard Lau) #57301
• [fd49144378] - tools: extract target abseil to abseil.gyp (Chengzhong Wu) #57289
• [77e1a85d24] - tools: revert to use @stylistic/eslint-plugin-js v3 (Joyee Cheung) #57314
• [2fa6e65262] - tools: add more details about rolling inspector_protocol (Chengzhong Wu) #57167
• [5788574cdf] - tools: bump the eslint group in /tools/eslint with 5 updates (dependabot[bot]) #57261
• [5955acadba] - tools: remove deps/zlib/GN-scraper.py (Chengzhong Wu) #57238
• [a22c21ceb8] - (SEMVER-MINOR) v8: add v8.getCppHeapStatistics() method (Aditi) #57146
• [17d4074114] - win,build: add option to enable Control Flow Guard (Hüseyin Açacak) #56605

Support for loading native ES modules using require() had been available on v20.x under the command line flag --experimental-require-module, and available by default on v22.x and v23.x. In this release, it is now no longer behind a flag on v20.x.

This feature has been tested on v23.x and v22.x, and we are looking for user feedback from v20.x to make more final tweaks before fully stabilizing it. When the Node.js instance encounters a native ES module in require() somewhere outside node_modules for the first time, it will emit an experimental warning unless require() comes from a path that contains node_modules. If there happens to be any regressions caused by this feature, users can report it to the Node.js issue tracker. Meanwhile this feature can also be disabled using --no-experimental-require-module as a workaround.

With this feature enabled, Node.js will no longer throw ERR_REQUIRE_ESM if require() is used to load a ES module. It can, however, throw ERR_REQUIRE_ASYNC_MODULE if the ES module being loaded or its dependencies contain top-level await. When the ES module is loaded successfully by require(), the returned object will either be a ES module namespace object similar to what's returned by import(), or what gets exported as "module.exports" in the ES module.

Users can check process.features.require_module to see whether require(esm) is enabled in the current Node.js instance. For packages, the "module-sync" exports condition can be used as a way to detect require(esm) support in the current Node.js instance and allow both require() and import to load the same native ES module. See the documentation for more details about this feature.

Contributed by Joyee Cheung in #55085

Module syntax detection (the --experimental-detect-module flag) is now enabled by default. Use --no-experimental-detect-module to disable it if needed.

Syntax detection attempts to run ambiguous files as CommonJS, and if the module fails to parse as CommonJS due to ES module syntax, Node.js tries again and runs the file as an ES module. Ambiguous files are those with a .js or no extension, where the nearest parent package.json has no "type" field (either "type": "module" or "type": "commonjs"). Syntax detection should have no performance impact on CommonJS modules, but it incurs a slight performance penalty for ES modules; add "type": "module" to the nearest parent package.json file to eliminate the performance cost. A use case unlocked by this feature is the ability to use ES module syntax in extensionless scripts with no nearby package.json.

Thanks to Geoffrey Booth for making this work on #53619.

• [285bb4ee14] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566
• [73b5c16684] - (SEMVER-MINOR) worker: add postMessageToThread (Paolo Insogna) #53682
• [de313b2336] - (SEMVER-MINOR) module: only emit require(esm) warning under --trace-require-module (Joyee Cheung) #56194
• [4fba01911d] - (SEMVER-MINOR) process: add process.features.require_module (Joyee Cheung) #55241
• [df8a045afe] - (SEMVER-MINOR) module: implement the "module-sync" exports condition (Joyee Cheung) #54648
• [f9dc1eaef5] - (SEMVER-MINOR) module: add __esModule to require()'d ESM (Joyee Cheung) #52166

• [927d985aa0] - (SEMVER-MINOR) dns: add TLSA record query and parsing (Rithvik Vibhu) #52983
• [0236fbf75a] - (SEMVER-MINOR) process: add threadCpuUsage (Paolo Insogna) #56467

• [f4a82fddb1] - benchmark: add a warmup on bench-openSync (Elves Vieira) #57051
• [b384baa073] - build: print 'Formatting Markdown...' for long task markdown formatting (1ilsang) #57108
• [fec2d50308] - build: add skip_apidoc_files and include QUIC (RafaelGSS) #56941
• [5af35d1850] - build: fix GN build failure (Cheng) #57013
• [35f89aa66f] - build: fix GN build of uv (Cheng) #56955
• [e26d4841d1] - cli: allow --cpu-prof* in NODE_OPTIONS (Carlos Espa) #57018
• [b50fc42a99] - crypto: support --use-system-ca on non-Windows and non-macOS (Joyee Cheung) #57009
• [dfdaa92a37] - crypto: fix missing OPENSSL_NO_ENGINE guard (Shelley Vohr) #57012
• [18ea88bcbe] - crypto: cleanup root certificates and skip PEM deserialization (Joyee Cheung) #56999
• [8076284f9e] - deps: update cjs-module-lexer to 2.1.0 (Node.js GitHub Bot) #57180
• [8644cf3e5a] - deps: update ngtcp2 to 1.11.0 (Node.js GitHub Bot) #57179
• [2aceca15d6] - deps: update sqlite to 3.49.1 (Node.js GitHub Bot) #57178
• [8421021427] - deps: update ada to 3.1.0 (Node.js GitHub Bot) #57083
• [21d795a5f0] - (SEMVER-MINOR) dns: add TLSA record query and parsing (Rithvik Vibhu) #52983
• [455bf5a0a8] - doc: update options to filehandle.appendFile() (Hasegawa-Yukihiro) #56972
• [f35bd869ee] - doc: add additional caveat for fs.watch (Michael Dawson) #57150
• [4413ce7ed3] - doc: fix typo in Windows building instructions (Tim Jacomb) #57158
• [66614cfcf3] - doc: fix web.libera.chat link in pull-requests.md (Samuel Bronson) #57076
• [587112cb08] - doc: remove buffered flag from performance hooks examples (Pavel Romanov) #52607
• [fdc8aeb8a0] - doc: fix 'introduced_in' version in typescript module (1ilsang) #57109
• [b6960499c8] - doc: fix link and history of SourceMap sections (Antoine du Hamel) #57098
• [0de128ca97] - doc: add module namespace object links (Dario Piotrowicz) #57093
• [5a74568320] - doc: disambiguate pseudo-code statement (Dario Piotrowicz) #57092
• [46df14ddcb] - doc: update clang-cl on Windows building guide (Joyee Cheung) #57087
• [4b02fdc72f] - doc: update Xcode version used for arm64 and pkg (Michaël Zasso) #57104
• [78d4e52a52] - doc: fix wrong articles used to address modules (Dario Piotrowicz) #57090
• [ed5671f1bc] - doc: update module.builtinModules sentence (Dario Piotrowicz) #57089
• [9de45cbac9] - doc: modules.md: fix distance definition (Alexander “weej” Jones) #57046
• [a7e5ef9e01] - doc: fix wrong verb form (Dario Piotrowicz) #57091
• [c02494f5fe] - doc: fix transpiler loader hooks documentation (Joyee Cheung) #57037
• [5b2dfadd40] - doc: add a note about require('../common') in testing documentation (Aditi) #56953
• [50ba04e214] - doc: recommend writing tests in new files and including comments (Joyee Cheung) #57028
• [6951133e1a] - doc: improve documentation on argument validation (Aditi) #56954
• [44dd8a5cc2] - doc: buffer: fix typo on Buffer.copyBytesFrom( offset option (tpoisseau) #57015
• [c011271a70] - doc: update cleanup to trust on vuln db automation (Rafael Gonzaga) #57004
• [a6b7bce3a0] - doc: move stability index after history section for consistency (Antoine du Hamel) #56997
• [3bc6d626b4] - doc: add signal to filehandle.writeFile() options (Yukihiro Hasegawa) #56804
• [2990cc8616] - doc: run license-builder (github-actions[bot]) #56985
• [40f3a516bf] - fs: handle UV_ENOTDIR in fs.statSync with throwIfNoEntry provided (Juan José Arboleda) #56996
• [e10ef275e8] - inspector: convert event params to protocol without json (Chengzhong Wu) #57027
• [d6234b4652] - inspector: skip promise hook in the inspector async hook (Joyee Cheung) #57148
• [aa817853cd] - lib: fixup more incorrect ERR_INVALID_ARG_VALUE uses (James M Snell) #57177
• [e08d7d4e53] - lib: fixup incorrect argument order in assertEncoding (James M Snell) #57177
• [f77069b4e0] - meta: bump actions/setup-python from 5.3.0 to 5.4.0 (dependabot[bot]) #56867
• [35cdd9b9fe] - meta: bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (dependabot[bot]) #56866
• [3d61604f2a] - meta: bump mozilla-actions/sccache-action from 0.0.6 to 0.0.7 (dependabot[bot]) #56865
• [0dd0108fc5] - meta: bump codecov/codecov-action from 5.0.7 to 5.3.1 (dependabot[bot]) #56864
• [58d70369e3] - meta: bump step-security/harden-runner from 2.10.2 to 2.10.4 (dependabot[bot]) #56863
• [dfd42db739] - meta: bump actions/cache from 4.1.2 to 4.2.0 (dependabot[bot]) #56862
• [7f5f02ba2b] - meta: bump actions/stale from 9.0.0 to 9.1.0 (dependabot[bot]) #56860
• [85ac02f8d3] - meta: bump github/codeql-action from 3.27.5 to 3.28.8 (dependabot[bot]) #56859
• [d62299b021] - meta: add CODEOWNERS for SQLite (Colin Ihrig) #57147
• [2ec4ff17a6] - meta: update last name for jkrems (Jan Martin) #57006
• [ad3c572027] - module: improve error message from asynchronicity in require(esm) (Joyee Cheung) #57126
• [cc1cafd562] - module: allow omitting context in synchronous next hooks (Joyee Cheung) #57056
• [c6ddfa52fb] - (SEMVER-MINOR) process: add threadCpuUsage (Paolo Insogna) #56467
• [ac35106625] - sea: suppress builtin warning with disableExperimentalSEAWarning option (koooge) #57086
• [ef314dc773] - src: fix crash when lazy getter is invoked in a vm context (Chengzhong Wu) #57168
• [90a4de02b6] - src: do not format single string argument for THROW_ERR_* (Joyee Cheung) #57126
• [e0a91f631b] - src: gate all quic behind disabled-by-default compile flag (James M Snell) #57142
• [7dd326e3a7] - src: move instead of copy shared pointer in node_blob (Michaël Zasso) #57120
• [e3127b89a2] - src: replace NewFromUtf8 with OneByteString where appropriate (James M Snell) #57096
• [56f9fe7514] - src: port defineLazyProperties to native code (Antoine du Hamel) #57081
• [90875ba0ca] - src: improve error handling in node_blob (James M Snell) #57078
• [5414eb48b5] - src: improve error handling in multiple files (James M Snell) #56962
• [286bb84188] - src: fix accessing empty string (Cheng) #57014
• [fa26f83e5b] - src: lock the isolate properly in IsolateData destructor (Joyee Cheung) #57031
• [7e2dac9fcc] - src: add self-assigment memcpy checks (Burkov Egor) #56986
• [d8e70dcaa6] - src: improve node::Dotenv trimming (Dario Piotrowicz) #56983
• [41f444fa78] - src: improve error handling in string_bytes/decoder (James M Snell) #56978
• [d0ee8c0a20] - src: improve error handling in process_wrap (James M Snell) #56977
• [1a244177a3] - test: add doAppendAndCancel test (Hasegawa-Yukihiro) #56972
• [51dff8b1ae] - test: fix test-without-async-context-frame.mjs in debug mode (Joyee Cheung) #57034
• [7c7e9f4d84] - test: make eval snapshot comparison more flexible (Shelley Vohr) #57020
• [315244e59e] - test: simplify test-http2-client-promisify-connect-error (Luigi Pinca) #57144
• [ccf496cff9] - test: improve error output of test-http2-client-promisify-connect-error (Antoine du Hamel) #57135
• [a588066518] - test: add case for unrecognised fields within pjson "exports" (Jacob Smith) #57026
• [b369ad6e45] - test: remove unnecessary assert requiring from tests (Dario Piotrowicz) #57008
• [9b98ac6a81] - test: update WPT for urlpattern to ef6d83d789 (Node.js GitHub Bot) #56984
• [0a82d27d28] - test: reduce flakiness on test-net-write-fully-async-buffer (Yagiz Nizipli) #56971
• [ab150d7781] - test: remove flakiness on macOS test (Yagiz Nizipli) #56971
• [ccb8c12712] - test,crypto: make tests work for BoringSSL (Shelley Vohr) #57021
• [116c1fe84c] - test_runner: refactor testPlan counter increse (Pietro Marchini) #56765
• [2929fc6449] - test_runner: allow special characters in snapshot keys (Carlos Espa) #57017
• [a025d7ba07] - tools: run Linux tests on GitHub arm64 runners as well (Dennis Ameling) #57162
• [73a8514305] - tools: consolidate 'introduced_in' check for docs (1ilsang) #57109
• [6cdee545f6] - tools: do not run major-release workflow on forks (Rich Trott) #57064
• [1efd74b1b0] - tools: fix release URL computation in update-root-certs.mjs (Joyee Cheung) #56843
• [a9112df8d3] - tools: add support for import source syntax in linter (Antoine du Hamel) #56992
• [c6d6be2c3b] - typings: fix ImportModuleDynamicallyCallback return type (Chengzhong Wu) #57160
• [d922153cbf] - url: improve urlpattern regexp performance (Yagiz Nizipli) #57136

• [ea5eb0e98b] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566

• [bb2977ca6c] - build: use glob for dependencies of out/Makefile (Richard Lau) #55789
• [92896945b8] - build: support python 3.13 (Chengzhong Wu) #53190
• [ea5eb0e98b] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566
• [d03a23577d] - deps: V8: cherry-pick 26fd1dfa9cd6 (Shu-yu Guo) #55873
• [53bb21b093] - deps: V8: backport ae5a4db8ad86 (Shu-yu Guo) #55873
• [5eb6dfe284] - deps: update zlib to 1.3.0.1-motley-82a5fec (Node.js GitHub Bot) #55980
• [734515a0f7] - deps: update zlib to 1.3.0.1-motley-7e2e4d7 (Node.js GitHub Bot) #54432
• [d64cc98324] - deps: update simdutf to 5.6.4 (Node.js GitHub Bot) #56255
• [9eab21dd1d] - deps: update simdutf to 5.6.3 (Node.js GitHub Bot) #55973
• [2e3367b46a] - deps: update simdutf to 5.6.2 (Node.js GitHub Bot) #55889
• [df74d66207] - deps: update simdutf to 5.6.1 (Node.js GitHub Bot) #55850
• [ade37ee0b3] - deps: update acorn to 8.14.0 (Node.js GitHub Bot) #55699
• [a3c367adbd] - deps: update corepack to 0.31.0 (Node.js GitHub Bot) #56795
• [2cff6a8428] - deps: update corepack to 0.30.0 (Node.js GitHub Bot) #55977
• [8b8c9a2cf5] - doc: update macOS and Xcode versions for releases (Michaël Zasso) #56337
• [706af28113] - doc: add "Skip to content" button (Antoine du Hamel) #56750
• [634a6b3a14] - doc: improve accessibility of expandable lists (Antoine du Hamel) #56749
• [f0b60c5bf9] - doc: fix arrow vertical alignment in HTML version (Akash Yeole) #52193
• [91cce27ebb] - doc: remove flicker on page load on dark theme (Dima Demakov) #50942
• [522fbb00a8] - doc: make theme consistent across api and other docs (Dima Demakov) #50877
• [1486465520] - doc: save user preference for JS flavor (Vidar Eldøy) #49526
• [d74cff7e59] - doc: rename possibly confusing variable and CSS class (Antoine du Hamel) #49536
• [4829d976fe] - doc: add main ARIA landmark to API docs (Rich Trott) #49882
• [6c4ce1f1d4] - doc: add navigation ARIA landmark to doc ToC (Rich Trott) #49882
• [33548f8c1f] - doc: add history entries for JSON modules stabilization (Antoine du Hamel) #55855
• [e12bdf6141] - meta: bump actions/upload-artifact from 4.4.3 to 4.6.0 (dependabot[bot]) #56861
• [6f44ef388b] - meta: bump actions/upload-artifact from 4.4.0 to 4.4.3 (dependabot[bot]) #55685
• [ae39211117] - meta: bump actions/upload-artifact from 4.3.4 to 4.4.0 (dependabot[bot]) #54703
• [4cf80b37c7] - meta: bump actions/upload-artifact from 4.3.3 to 4.3.4 (dependabot[bot]) #54166
• [4d402b79cb] - meta: bump actions/download-artifact from 4.1.7 to 4.1.8 (dependabot[bot]) #54167
• [1c01f93497] - meta: bump actions/upload-artifact from 4.3.1 to 4.3.3 (dependabot[bot]) #52785
• [6558a516ec] - meta: bump actions/download-artifact from 4.1.4 to 4.1.7 (dependabot[bot]) #52784
• [dd70860ec8] - meta: bump actions/download-artifact from 4.1.3 to 4.1.4 (dependabot[bot]) #52314
• [4a24d92a45] - meta: bump actions/upload-artifact from 4.3.0 to 4.3.1 (dependabot[bot]) #51941
• [655b9071b9] - meta: bump actions/download-artifact from 4.1.1 to 4.1.3 (dependabot[bot]) #51938
• [0e6ad795aa] - meta: bump actions/download-artifact from 4.1.0 to 4.1.1 (dependabot[bot]) #51644
• [61babc5037] - meta: bump actions/upload-artifact from 4.0.0 to 4.3.0 (dependabot[bot]) #51643
• [8b16d80029] - meta: update artifact actions to v4 (Michaël Zasso) #51219
• [d47e8cb86d] - test: do not use deprecated import assertions (Antoine du Hamel) #55873
• [06c523d693] - test: mark test-inspector-stop-profile-after-done as flaky (Antoine du Hamel) #57001
• [dafea86962] - test: mark test-perf-hooks as flaky on macOS (Antoine du Hamel) #57001
• [8e53f1f43d] - test: mark test-inspector-multisession-ws as flaky (Antoine du Hamel) #57001
• [350eb50bbe] - test: mark test-performance-function as flaky (Antoine du Hamel) #57001
• [a1f428a343] - test: skip test-perf-hooks on SmartOS (Antoine du Hamel) #57001
• [199f52fcc0] - test: make test-crypto-hash compatible with OpenSSL > 3.4.0 (Jelle van der Waa) #56160
• [b08ce67d48] - test: compare paths on Windows without considering case (Early Riser) #53993
• [6e84d211a1] - test: deflake test-perf-hooks.js (Joyee Cheung) #49892
• [a7f565fc7f] - tools: fix failing lint-sh workflow (Antoine du Hamel) #56995

This version adds the --use-system-ca command-line flag, which instructs Node.js to use the trusted CA certificates present in the system store along with the --use-bundled-ca, --use-openssl-ca options.

This option is available on macOS and Windows for now.

Contributed by Tim Jacomb in #56599 and Joyee Cheung in #56833.

An implementation of the URL Pattern API is now available.

The URLPattern constructor is exported from the node:url module and will be available as a global in Node.js 24.

Contributed by Yagiz Nizipli and Daniel Lemire in #56452.

Node.js now includes support for the Zstandard (zstd) compression algorithm. Various APIs have been added to the node:zlib module for both compression and decompression of zstd streams.

Contributed by Jan Krems in #52100.

Threads created by the Node.js process are now named to improve the debugging experience. Worker threads will use the name option that can be passed to the Worker constructor.

Contributed by Rafael Gonzaga in #56416.

Included changes:

• Paraguay adopts permanent -03 starting spring 2024.
• Improve pre-1991 data for the Philippines.

• [39997867cf] - (SEMVER-MINOR) sqlite: allow returning ArrayBufferViews from user-defined functions (René) #56790

• [0ee9c34d63] - benchmark: add simple parse and test benchmarks for URLPattern (James M Snell) #56882
• [b3f2045d14] - build: gyp exclude libm linking on macOS (deepak1556) #56901
• [e0dd9aefd6] - build: remove explicit linker call to libm on macOS (deepak1556) #56901
• [52399da780] - build: link with Security.framework in GN build (Cheng) #56895
• [582b9221c9] - build: do not put commands in sources variables (Cheng) #56885
• [ea61b956e9] - build: add double quotes around <(python) (Luigi Pinca) #56826
• [14236ef778] - build: add build option suppress_all_error_on_warn (Michael Dawson) #56647
• [dfd3f430f3] - build,win: enable ccache (Stefan Stojanovic) #56847
• [3e207bd9ec] - (SEMVER-MINOR) crypto: support --use-system-ca on Windows (Joyee Cheung) #56833
• [fe2694a992] - crypto: fix X509* leak in --use-system-ca (Joyee Cheung) #56832
• [60039a2c36] - crypto: add api to get openssl security level (Michael Dawson) #56601
• [39a474f7c0] - (SEMVER-MINOR) crypto: added support for reading certificates from macOS system store (Tim Jacomb) #56599
• [144bee8067] - deps: update zlib to 1.3.0.1-motley-788cb3c (Node.js GitHub Bot) #56655
• [7fd39e3a79] - deps: update sqlite to 3.49.0 (Node.js GitHub Bot) #56654
• [d698cb5434] - deps: update amaro to 0.3.2 (marco-ippolito) #56916
• [dbd09067c0] - deps: V8: cherry-pick 9ab40592f697 (Levi Zim) #56781
• [ee33ef3aa6] - deps: update cjs-module-lexer to 2.0.0 (Michael Dawson) #56855
• [c0542557d0] - deps: update timezone to 2025a (Node.js GitHub Bot) #56876
• [d67cb1f9bb] - deps: update simdjson to 3.12.0 (Node.js GitHub Bot) #56874
• [70b04b4314] - deps: update googletest to e235eb3 (Node.js GitHub Bot) #56873
• [e11cda003f] - (SEMVER-MINOR) deps: update ada to v3.0.1 (Yagiz Nizipli) #56452
• [8743ef525d] - deps: update simdjson to 3.11.6 (Node.js GitHub Bot) #56250
• [0f553e5575] - deps: update amaro to 0.3.1 (Node.js GitHub Bot) #56785
• [380a8d8d2f] - (SEMVER-MINOR) deps,tools: add zstd 1.5.6 (Jan Krems) #52100
• [66898a7c3b] - doc: update history of stream.Readable.toWeb() (Jimmy Leung) #56928
• [9e29416e12] - doc: make MDN links to global classes more consistent (Antoine du Hamel) #56924
• [6bc270728a] - doc: make MDN links to global classes more consistent in assert.md (Antoine du Hamel) #56920
• [00da003171] - doc: make MDN links to global classes more consistent (Antoine du Hamel) #56923
• [d90198793a] - doc: make MDN links to global classes more consistent in util.md (Antoine du Hamel) #56922
• [5f4377a759] - doc: make MDN links to global classes more consistent in buffer.md (Antoine du Hamel) #56921
• [7353266b50] - doc: improve type stripping documentation (Marco Ippolito) #56916
• [888d2acc3a] - doc: specificy support for erasable ts syntax (Marco Ippolito) #56916
• [3c082d43bc] - doc: update post sec release process (Rafael Gonzaga) #56907
• [f0bf35d3c5] - doc: update websocket link to avoid linking to self (Chengzhong Wu) #56897
• [373dbb0e6c] - doc: mark --env-file-if-exists flag as experimental (Juan José) #56893
• [d436888cc8] - doc: fix typo in cjs example of util.styleText (Deokjin Kim) #56769
• [91638eeb4a] - doc: clarify sqlite user-defined function behaviour (René) #56786
• [bab9c4d331] - events: getMaxListeners detects 0 listeners (Matthew Aitken) #56807
• [ccaf7fe737] - fs: make FileHandle.readableWebStream always create byte streams (Ian Kerins) #55461
• [974cec7a0a] - http: be more generational GC friendly (ywave620) #56767
• [be00058712] - inspector: add Network.Initiator in inspector protocol (Chengzhong Wu) #56805
• [31293a4b09] - inspector: fix GN build (Cheng) #56798
• [91a302356b] - inspector: fix StringUtil::CharacterCount for unicodes (Chengzhong Wu) #56788
• [3b305f25f2] - lib: filter node:quic from builtinModules when flag not used (James M Snell) #56870
• [f06ee4c54a] - meta: bump actions/upload-artifact from 4.4.3 to 4.6.0 (dependabot[bot]) #56861
• [d230bc3b3c] - meta: bump actions/setup-node from 4.1.0 to 4.2.0 (dependabot[bot]) #56868
• [d4ecfa745e] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #56889
• [698c56bb94] - meta: add @nodejs/url as codeowner (Chengzhong Wu) #56783
• [a274b28857] - module: fix require.resolve() crash on non-string paths (Aditi) #56942
• [4e3052aeee] - quic: fixup errant LocalVector usage (James M Snell) #56564
• [dfc61f7bb7] - readline: fix unresolved promise on abortion (Daniel Venable) #54030
• [9e60501f5e] - sqlite: fix coverity warnings related to backup() (Colin Ihrig) #56961
• [1913a4aabc] - sqlite: restore changes from #55373 (Colin Ihrig) #56908
• [8410c955b7] - sqlite: fix use-after-free in StatementSync due to premature GC (Divy Srivastava) #56840
• [01d732d629] - sqlite: handle conflicting SQLite and JS errors (Colin Ihrig) #56787
• [39997867cf] - (SEMVER-MINOR) sqlite: allow returning ArrayBufferViews from user-defined functions (René) #56790
• [8dc637681a] - sqlite, test: expose sqlite online backup api (Edy Silva) #56253
• [cfea53eccc] - src: use args.This() in zlib (Michaël Zasso) #56988
• [6b398d6d0b] - src: replace SplitString with built-in (Yagiz Nizipli) #54990
• [fbb32e0a08] - src: add nullptr handling for NativeKeyObject (Burkov Egor) #56900
• [83ff7be9fd] - src: disallow copy/move fns/constructors (Yagiz Nizipli) #56811
• [63611d0331] - src: add a hard dependency v8_inspector_headers (Chengzhong Wu) #56805
• [3d957d135c] - src: improve error handling in encoding_binding.cc (James M Snell) #56915
• [9e9ac3ccd8] - src: avoid copy by using std::views::keys (Yagiz Nizipli) #56080
• [086cdc297a] - src: remove obsolete NoArrayBufferZeroFillScope (James M Snell) #56913
• [915d7aeb37] - src: set signal inspector io thread name (RafaelGSS) #56416
• [f4b086d29d] - src: set thread name for main thread and v8 worker (RafaelGSS) #56416
• [3579143630] - src: set worker thread name using worker.name (RafaelGSS) #56416
• [736ff5de6d] - src: use a default thread name for inspector (RafaelGSS) #56416
• [be8e2b4d8f] - src: improve error handling in permission.cc (James M Snell) #56904
• [d6cf0911ee] - src: improve error handling in node_sqlite (James M Snell) #56891
• [521fed1bac] - src: improve error handling in node_os by removing ToLocalChecked (James M Snell) #56888
• [c9a99df8e7] - src: improve error handling in node_url (James M Snell) #56886
• [5c82ef3ace] - src: add memory retainer traits for external types (Chengzhong Wu) #56881
• [edb194b2d5] - src: prevent URLPattern property accessors from crashing on invalid this (James M Snell) #56877
• [9624049414] - src: pull in more electron boringssl adjustments (James M Snell) #56858
• [f8910e384d] - src: make multiple improvements to node_url_pattern (James M Snell) #56871
• [94a0237b18] - src: clean up some obsolete crypto methods (James M Snell) #56792
• [b240ca67b9] - src: add check for Bignum in GroupOrderSize (Burkov Egor) #56702
• [45692e9c7c] - src, deps: port electron's boringssl workarounds (James M Snell) #56812
• [a9d80d43cb] - (SEMVER-MINOR) src, quic: refine more of the quic implementation (James M Snell) #56328
• [93d0beb6c8] - src,test: expand test coverage for urlpattern and fix error (James M Snell) #56878
• [5a9732e1d0] - test: improve timeout duration for debugger events (Yagiz Nizipli) #56970
• [60c8fc07ff] - test: remove unnecessary syscall to cpuinfo (Yagiz Nizipli) #56968
• [40cdf756e6] - test: update webstorage wpt (Yagiz Nizipli) #56963
• [de77371a9e] - test: execute shell directly for refresh() (Yagiz Nizipli) #55051
• [f4254b8e70] - test: automatically sync wpt urlpattern tests (Jonas) #56949
• [a473d3f57a] - test: update snapshots for amaro v0.3.2 (Marco Ippolito) #56916
• [abca97f7e2] - test: change jenkins reporter (Carlos Espa) #56808
• [7c9fa11127] - test: fix race condition in test-child-process-bad-stdio (Colin Ihrig) #56845
• [b8b6e68836] - (SEMVER-MINOR) test: add WPT for URLPattern (Yagiz Nizipli) #56452
• [b6d3d52e20] - test: adjust check to use OpenSSL sec level (Michael Dawson) #56819
• [3beac87f92] - test: test-crypto-scrypt.js doesn't need internals (Meghan Denny) #56673
• [3af23a10f3] - test: set test-fs-cp as flaky (Stefan Stojanovic) #56799
• [1146f48f67] - test: search cctest files (Chengzhong Wu) #56791
• [86c199b25a] - test: convert test_encoding_binding.cc to a JS test (Chengzhong Wu) #56791
• [bd5484717c] - test: test-crypto-prime.js doesn't need internals (Meghan Denny) #56675
• [f5f54414e4] - test: temporary remove resource check from fs read-write (Rafael Gonzaga) #56789
• [c8bd2ba0ad] - test: mark test-without-async-context-frame flaky on windows (James M Snell) #56753
• [2c2e4a4ae0] - test: remove unnecessary code (Luigi Pinca) #56784
• [4606a5f79b] - test: mark test-esm-loader-hooks-inspect-wait flaky (Richard Lau) #56803
• [38c77e3462] - test: update WPT for url to a23788b77a (Node.js GitHub Bot) #56779
• [50ebd5fd31] - test: remove duplicate error reporter from ci (Carlos Espa) #56739
• [0c3ae25aec] - test_runner: print formatted errors on summary (Pietro Marchini) #56911
• [b5a8a812fb] - tools: bump eslint version (dependabot[bot]) #56869
• [e1f86c1b9d] - tools: remove test-asan/ubsan workflows (Michaël Zasso) #56823
• [405a6678b7] - tools: run macOS test workflow with Xcode 16.1 (Michaël Zasso) #56831
• [16529c130f] - tools: update sccache and sccache-action (Michaël Zasso) #56815
• [fe004111ea] - tools: fix license-builder for inspector_protocol (Michaël Zasso) #56814
• [bc97a90176] - (SEMVER-MINOR) url: add URLPattern implementation (Yagiz Nizipli) #56452
• [77294d8918] - util: enforce shouldColorize in styleText array arg (Marco Ippolito) #56722
• [8e6c191601] - zlib: use modern class syntax for zstd classes (Yagiz Nizipli) #56965
• [a3ca7f37a2] - zlib: make all zstd functions experimental (Yagiz Nizipli) #56964
• [4cc7907738] - (SEMVER-MINOR) zlib: add zstd support (Jan Krems) #52100

• [82a9000e9e] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566
• [b7fe54fc88] - (SEMVER-MINOR) fs: allow exclude option in globs to accept glob patterns (Daeyeon Jeong) #56489
• [3ac92ef607] - (SEMVER-MINOR) lib: add typescript support to STDIN eval (Marco Ippolito) #56359
• [1614e8e7bc] - (SEMVER-MINOR) module: add ERR_UNSUPPORTED_TYPESCRIPT_SYNTAX (Marco Ippolito) #56610
• [6d6cffa9cc] - (SEMVER-MINOR) module: add findPackageJSON util (Jacob Smith) #55412
• [d35333ae18] - (SEMVER-MINOR) process: add process.ref() and process.unref() methods (James M Snell) #56400
• [07ff3ddcb5] - (SEMVER-MINOR) sqlite: support TypedArray and DataView in StatementSync (Alex Yang) #56385
• [94d3fe1b62] - (SEMVER-MINOR) src: add --disable-sigusr1 to prevent signal i/o thread (Rafael Gonzaga) #56441
• [5afffb4415] - (SEMVER-MINOR) src,worker: add isInternalWorker (Carlos Espa) #56469
• [697a851fb3] - (SEMVER-MINOR) test_runner: add TestContext.prototype.waitFor() (Colin Ihrig) #56595
• [047537b48c] - (SEMVER-MINOR) test_runner: add t.assert.fileSnapshot() (Colin Ihrig) #56459
• [926cf84e95] - (SEMVER-MINOR) test_runner: add assert.register() API (Colin Ihrig) #56434
• [c658a8afdf] - (SEMVER-MINOR) worker: add eval ts input (Marco Ippolito) #56394

• [bad1ad8650] - assert: make myers_diff function more performant (Giovanni Bucci) #56303
• [e222e36f3b] - assert: make partialDeepStrictEqual work with urls and File prototypes (Giovanni Bucci) #56231
• [e232789fe2] - assert: show diff when doing partial comparisons (Giovanni Bucci) #56211
• [c99de1fdcf] - assert: make partialDeepStrictEqual throw when comparing [0] with [-0] (Giovanni) #56237
• [2386fd5840] - benchmark: add validateStream to styleText bench (Rafael Gonzaga) #56556
• [b197dfa7ec] - build: fix GN build for ngtcp2 (Cheng) #56300
• [2a3cdd34ff] - build: test macos-13 on GitHub actions (Michaël Zasso) #56307
• [12f716be0a] - build: build v8 with -fvisibility=hidden on macOS (Joyee Cheung) #56275
• [c5ca15bd34] - child_process: fix parsing messages with splitted length field (Maksim Gorkov) #56106
• [8346b8fc2c] - crypto: add missing return value check (Michael Dawson) #56615
• [82a9000e9e] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566
• [890eef20a1] - crypto: fix checkPrime crash with large buffers (Santiago Gimeno) #56559
• [5edb7b5e87] - crypto: fix warning of ignoring return value (Cheng) #56527
• [b89f123a0b] - crypto: make generatePrime/checkPrime interruptible (James M Snell) #56460
• [63c1859e01] - deps: update corepack to 0.31.0 (Node.js GitHub Bot) #56795
• [a48430d4d3] - deps: move inspector_protocol to deps (Chengzhong Wu) #56649
• [74cccc824f] - deps: macro ENODATA is deprecated in libc++ (Cheng) #56698
• [fa869ea0f2] - deps: fixup some minor coverity warnings (James M Snell) #56612
• [1a4fa2b015] - deps: update amaro to 0.3.0 (Node.js GitHub Bot) #56568
• [b47076fd82] - deps: update amaro to 0.2.2 (Node.js GitHub Bot) #56568
• [46bd4b8731] - deps: update simdutf to 6.0.3 (Node.js GitHub Bot) #56567
• [8ead9c693b] - deps: update simdutf to 5.7.2 (Node.js GitHub Bot) #56388
• [18d4b502af] - deps: update amaro to 0.2.1 (Node.js GitHub Bot) #56390
• [d938d7cc86] - deps: update googletest to 7d76a23 (Node.js GitHub Bot) #56387
• [9761e7dccb] - deps: update googletest to e54519b (Node.js GitHub Bot) #56370
• [8319dc6bc5] - deps: update ngtcp2 to 1.10.0 (Node.js GitHub Bot) #56334
• [6eacd19d6a] - deps: update simdutf to 5.7.0 (Node.js GitHub Bot) #56332
• [28bec2dda3] - diagnostics_channel: capture console messages (Stephen Belanger) #56292
• [d519d33502] - doc: update macOS and Xcode versions for releases (Michaël Zasso) #56337
• [fcfe650507] - doc: add note for features using InternalWorker with permission model (Antoine du Hamel) #56706
• [efbba182b5] - doc: add entry to changelog about SQLite Session Extension (Bart Louwers) #56318
• [31bf9c7dd9] - doc: move anatoli to emeritus (Michael Dawson) #56592
• [6096e38c7c] - doc: fix styles of the expandable TOC (Antoine du Hamel) #56755
• [d423638281] - doc: add "Skip to content" button (Antoine du Hamel) #56750
• [edeb157d75] - doc: improve accessibility of expandable lists (Antoine du Hamel) #56749
• [1a79e87687] - doc: add note regarding commit message trailers (Dario Piotrowicz) #56736
• [927c7e47e4] - doc: fix typo in example code for util.styleText (Robin Mehner) #56720
• [fade522538] - doc: fix inconsistencies in WeakSet and WeakMap comparison details (Shreyans Pathak) #56683
• [55533bf147] - doc: add RafaelGSS as latest sec release stewards (Rafael Gonzaga) #56682
• [8e978bdee1] - doc: clarify cjs/esm diff in queueMicrotask() vs process.nextTick() (Dario Piotrowicz) #56659
• [ae360c30dc] - doc: WeakSet and WeakMap comparison details (Shreyans Pathak) #56648
• [acd2a2fda5] - doc: mention prepare --security (Rafael Gonzaga) #56617
• [d3c0a2831d] - doc: tweak info on reposts in ambassador program (Michael Dawson) #56589
• [3299505b49] - doc: add type stripping to ambassadors program (Marco Ippolito) #56598
• [b1a6ffa4e4] - doc: improve internal documentation on built-in snapshot (Joyee Cheung) #56505
• [1641a28930] - doc: document CLI way to open the nodejs/bluesky PR (Antoine du Hamel) #56506
• [2042628fda] - doc: add section about using npx with permission model (Rafael Gonzaga) #56539
• [ace19a0263] - doc: update gcc-version for ubuntu-lts (Kunal Kumar) #56553
• [4aa57b50f8] - doc: fix parentheses in options (Tobias Nießen) #56563
• [b40b01b4d3] - doc: include CVE to EOL lines as sec release process (Rafael Gonzaga) #56520
• [6701360113] - doc: add esm examples to node:trace_events (Alfredo González) #56514
• [d3207cca3e] - doc: add message for Ambassadors to promote (Michael Dawson) #56235
• [97ece4ae06] - doc: allow request for TSC reviews via the GitHub UI (Antoine du Hamel) #56493
• [03f25055ab] - doc: add example for piping ReadableStream (Gabriel Schulhof) #56415
• [516d07482c] - doc: expand description of parseArg's default (Kevin Gibbons) #54431
• [a6491effcb] - doc: use <ul> instead of <ol> in SECURITY.md (Antoine du Hamel) #56346
• [e4ec134b21] - doc: clarify that WASM is trusted (Matteo Collina) #56345
• [0f7aed8a59] - doc: fix the crc32 documentation (Kevin Toshihiro Uehara) #55898
• [721104a296] - doc: fix links in module.md (Antoine du Hamel) #56283
• [928540d792] - doc: fix typos (Nathan Baulch) #55066
• [e69d35f03b] - doc: add history info for Permission Model (Antoine du Hamel) #56707
• [c6fd867ab5] - esm: fix jsdoc type refs to ModuleJobBase in esm/loader (Jacob Smith) #56499
• [9cf9046bd7] - Revert "events: add hasEventListener util for validate" (origranot) #56282
• [b7fe54fc88] - (SEMVER-MINOR) fs: allow exclude option in globs to accept glob patterns (Daeyeon Jeong) #56489
• [6ca27c2a59] - http2: omit server name when HTTP2 host is IP address (islandryu) #56530
• [9f1fa199bf] - inspector: roll inspector_protocol (Chengzhong Wu) #56649
• [0dae4bb3ab] - inspector: add undici http tracking support (Chengzhong Wu) #56488
• [2c6124cec4] - inspector: report loadingFinished until the response data is consumed (Chengzhong Wu) #56372
• [96ec862ce2] - lib: refactor execution.js (Marco Ippolito) #56358
• [3ac92ef607] - (SEMVER-MINOR) lib: add typescript support to STDIN eval (Marco Ippolito) #56359
• [d5bf3db0cf] - lib: allow skipping source maps in node_modules (Chengzhong Wu) #56639
• [d33eaf2bcb] - lib: ensure FORCE_COLOR forces color output in non-TTY environments (Pietro Marchini) #55404
• [dc003218a8] - lib: optimize prepareStackTrace on builtin frames (Chengzhong Wu) #56299
• [df06524863] - lib: suppress source map lookup exceptions (Chengzhong Wu) #56299
• [35335a5a66] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #56580
• [1faabdb150] - meta: add codeowners of security release document (Rafael Gonzaga) #56521
• [b4ece22ef5] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #56342
• [9ec67e7ce0] - meta: move MoLow to TSC regular member (Moshe Atlow) #56276
• [bae4b2e20a] - module: use more defensive code when handling SWC errors (Antoine du Hamel) #56646
• [1614e8e7bc] - (SEMVER-MINOR) module: add ERR_UNSUPPORTED_TYPESCRIPT_SYNTAX (Marco Ippolito) #56610
• [174d88eab1] - module: support eval with ts syntax detection (Marco Ippolito) #56285
• [299d6fa829] - module: fix jsdoc for format parameter in cjs/loader (pacexy) #56501
• [0307e4dd59] - module: unify TypeScript and .mjs handling in CommonJS (Joyee Cheung) #55590
• [1f4f9be93d] - module: fix async resolution error within the sync findPackageJSON (Jacob Smith) #56382
• [bbedffa0f0] - module: simplify findPackageJSON implementation (Antoine du Hamel) #55543
• [6d6cffa9cc] - (SEMVER-MINOR) module: add findPackageJSON util (Jacob Smith) #55412
• [cd7ce18233] - module: fix bad require.resolve with option paths for . and .. (Dario Piotrowicz) #56735
• [152df4da21] - module: rethrow amaro error message (Marco Ippolito) #56568
• [acba5dc87e] - module: use buffer.toString base64 (Chengzhong Wu) #56315
• [01e69be8ff] - node-api: define version 10 (Gabriel Schulhof) #55676
• [724524528e] - node-api: remove deprecated attribute from napi_module_register (Vladimir Morozov) #56162
• [c78e11064f] - process: remove support for undocumented symbol (Antoine du Hamel) #56552
• [3f69b18a23] - process: fix symbol key and mark experimental new node:process methods (Antoine du Hamel) #56517
• [d35333ae18] - (SEMVER-MINOR) process: add process.ref() and process.unref() methods (James M Snell) #56400
• [fa49f0f7d5] - punycode: limit deprecation warning (Colin Ihrig) #56632
• [d77c7073b7] - sqlite: disable memstatus APIs at build time (Colin Ihrig) #56541
• [07ff3ddcb5] - (SEMVER-MINOR) sqlite: support TypedArray and DataView in StatementSync (Alex Yang) #56385
• [b6c2e91365] - sqlite: enable SQL math functions (Colin Ihrig) #56447
• [3462263e8b] - sqlite: pass conflict type to conflict resolution handler (Bart Louwers) #56352
• [89ba3af743] - src: add nullptr handling from X509_STORE_new() (Burkov Egor) #56700
• [89a7c82e0c] - src: add default value for RSACipherConfig mode field (Burkov Egor) #56701
• [7bae51e62e] - src: fix build with GCC 15 (tjuhaszrh) #56740
• [432a4b8bd6] - src: fix to generate path from wchar_t via wstring (yamachu) #56696
• [8c9eaf82f0] - src: initialize FSReqWrapSync in path that uses it (Michaël Zasso) #56613
• [bcdb42d40b] - src: handle duplicate paths granted (Rafael Gonzaga) #56591
• [d6a7acc207] - src: update ECKeyPointer in ncrypto (James M Snell) #56526
• [01922f8b1f] - src: update ECPointPointer in ncrypto (James M Snell) #56526
• [2a3a36eceb] - src: update ECGroupPointer in ncrypto (James M Snell) #56526
• [67c10cdacb] - src: update ECDASSigPointer implementation in ncrypto (James M Snell) #56526
• [17f931c68b] - src: cleaning up more crypto internals for ncrypto (James M Snell) #56526
• [94d3fe1b62] - (SEMVER-MINOR) src: add --disable-sigusr1 to prevent signal i/o thread (Rafael Gonzaga) #56441
• [6594ee8dff] - src: fix undefined script name in error source (Chengzhong Wu) #56502
• [b46bad3e91] - src: refactor --trace-env to reuse option selection and handling (Joyee Cheung) #56293
• [76921b822b] - src: minor cleanups on OneByteString usage (James M Snell) #56482
• [3f0d1dd4fe] - src: move more crypto impl detail to ncrypto dep (James M Snell) #56421
• [04f623b283] - src: fixup more ToLocalChecked uses in node_file (James M Snell) #56484
• [5aa436f5a1] - src: make some minor ToLocalChecked cleanups (James M Snell) #56483
• [6eec5e7ec2] - src: lock the thread properly in snapshot builder (Joyee Cheung) #56327
• [5614993968] - src: drain platform tasks before creating startup snapshot (Chengzhong Wu) #56403
• [48493e9fd5] - src: use LocalVector in more places (James M Snell) #56457
• [7e5ea0681e] - src: use v8::LocalVector consistently with other minor cleanups (James M Snell) #56417
• [ad3d857f2b] - src: use starts_with in fs_permission.cc (ishabi) #55811
• [5afffb4415] - (SEMVER-MINOR) src,worker: add isInternalWorker (Carlos Espa) #56469
• [7d1676e72e] - stream: fix typo in ReadableStreamBYOBReader.readIntoRequests (Mattias Buelens) #56560
• [e658ea6b26] - stream: validate undefined sizeAlgorithm in WritableStream (Jason Zhang) #56067
• [e4f133c20c] - test: add ts eval snapshots (Marco Ippolito) #56358
• [f041742400] - test: remove empty lines from snapshots (Marco Ippolito) #56358
• [801cde91f6] - test: reduce number of written chunks (Luigi Pinca) #56757
• [6fdf1879ab] - test: fix invalid common.mustSucceed() usage (Luigi Pinca) #56756
• [d2bfbfa364] - test: use strict mode in global setters test (Rich Trott) #56742
• [5c030da42f] - test: cleanup and simplify test-crypto-aes-wrap (James M Snell) #56748
• [f1442d6eaf] - test: do not use common.isMainThread (Luigi Pinca) #56768
• [49405bd9e7] - test: make some requires lazy in common/index (James M Snell) #56715
• [52ef376788] - test: add test that uses multibyte for path and resolves modules (yamachu) #56696
• [b811dea85a] - test: replace more uses of global with globalThis (James M Snell) #56712
• [eb97076199] - test: make common/index slightly less node.js specific (James M Snell) #56712
• [1795202d19] - test: rely less on duplicative common test harness utilities (James M Snell) #56712
• [5be29a274e] - test: simplify common/index.js (James M Snell) #56712
• [92e99780f0] - test: move hasMultiLocalhost to common/net (James M Snell) #56716
• [1c3204a4cc] - test: move crypto related common utilities in common/crypto (James M Snell) #56714
• [fe79d63be0] - test: add missing test for env file (Jonas) #56642
• [e08af61537] - test: enforce strict mode in test-zlib-const (Rich Trott) #56689
• [c96792d7f8] - test: fix localization data for ICU 74.2 (Antoine du Hamel) #56661
• [48b72f1195] - test: use --permission instead of --experimental-permission (Rafael Gonzaga) #56685
• [de81d90fce] - test: test-stream-compose.js doesn't need internals (Meghan Denny) #56619
• [f5b8499ad0] - test: add maxCount and gcOptions to gcUntil() (Joyee Cheung) #56522
• [d9e5a81041] - test: add line break at end of file (Rafael Gonzaga) #56588
• [59be346fbf] - test: mark test-worker-prof as flaky on smartos (Joyee Cheung) #56583
• [12a2cae9e5] - test: update test-child-process-bad-stdio to use node:test (Colin Ihrig) #56562
• [2dc4a30e19] - test: disable openssl 3.4.0 incompatible tests (Jelle van der Waa) #56160
• [1950fbf51d] - test: make test-crypto-hash compatible with OpenSSL > 3.4.0 (Jelle van der Waa) #56160
• [a533420a91] - test: clarify fork inherit permission flags (Rafael Gonzaga) #56523
• [697e799dc1] - test: add error only reporter for node:test (Carlos Espa) #56438
• [4844fa212d] - test: mark test-http-server-request-timeouts-mixed as flaky (Joyee Cheung) #56503
• [843c2389b9] - test: update error code in tls-psk-circuit for for OpenSSL 3.4 (sebastianas) #56420
• [ccb2ddbd83] - test: update compiled sqlite tests to match other tests (Colin Ihrig) #56446
• [b40f50324d] - test: add initial test426 coverage (Chengzhong Wu) #56436
• [059f81e4fd] - test: update test-set-http-max-http-headers to use node:test (Colin Ihrig) #56439
• [ec2940b418] - test: update test-child-process-windows-hide to use node:test (Colin Ihrig) #56437
• [0362924880] - test: use unusual chars in the path to ensure our tests are robust (Antoine du Hamel) #48409
• [b6c3869910] - test: improve abort signal dropping test (Edy Silva) #56339
• [cc648ef923] - test: enable ts test on win arm64 (Marco Ippolito) #56349
• [68819b4997] - test: deflake test-watch-file-shared-dependency (Luigi Pinca) #56344
• [ca6ed2190c] - test: skip test-sqlite-extensions when SQLite is not built by us (Antoine du Hamel) #56341
• [8ffeb8b58c] - test: increase spin for eventloop test on s390 (Michael Dawson) #56228
• [6ae9950f08] - test: migrate message eval tests from Python to JS (Yiyun Lei) #50482
• [4352bf69e9] - test: check typescript loader (Marco Ippolito) #54657
• [406e7db9c3] - test: remove async-hooks/test-writewrap flaky designation (Luigi Pinca) #56048
• [fa56ab2bba] - test: deflake test-esm-loader-hooks-inspect-brk (Luigi Pinca) #56050
• [8e149aac99] - test: add test case for listeners (origranot) #56282
• [a3f5ef22cd] - test: make test-permission-sqlite-load-extension more robust (Antoine du Hamel) #56295
• [8cbb7cc838] - test_runner: print failing assertion only once with spec reporter (Pietro Marchini) #56662
• [1f426bad9a] - test_runner: remove unused errors (Pietro Marchini) #56607
• [697a851fb3] - (SEMVER-MINOR) test_runner: add TestContext.prototype.waitFor() (Colin Ihrig) #56595
• [047537b48c] - (SEMVER-MINOR) test_runner: add t.assert.fileSnapshot() (Colin Ihrig) #56459
• [19b4aa4b14] - test_runner: run single test file benchmark (Pietro Marchini) #56479
• [926cf84e95] - (SEMVER-MINOR) test_runner: add assert.register() API (Colin Ihrig) #56434
• [fb4661a4cf] - test_runner: finish marking snapshot testing as stable (Colin Ihrig) #56425
• [900c6c3940] - tls: fix error stack conversion in cryptoErrorListToException() (Joyee Cheung) #56554
• [e9f185b658] - tools: update doc to new version (Node.js GitHub Bot) #56259
• [7644c7e619] - tools: update inspector_protocol roller (Chengzhong Wu) #56649
• [362272b0a4] - tools: do not throw on missing create-release-proposal.sh (Antoine du Hamel) #56704
• [df8b835953] - tools: fix tools-deps-update (Daniel Lemire) #56684
• [feba5d3274] - tools: do not throw on missing create-release-proposal.sh (Antoine du Hamel) #56695
• [9827f7d395] - tools: fix permissions in lint-release-proposal workflow (Antoine du Hamel) #56614
• [14c562c0dc] - tools: remove github reporter (Carlos Espa) #56468
• [ed1785d0ae] - tools: edit create-release-proposal workflow (Antoine du Hamel) #56540
• [294e4c42f5] - tools: validate commit list as part of lint-release-commit (Antoine du Hamel) #56291
• [98d3474267] - tools: fix loong64 build failed (Xiao-Tao) #56466
• [3e729ceec8] - tools: disable unneeded rule ignoring in Python linting (Rich Trott) #56429
• [d5c05328e2] - tools: use a configurable value for number of open dependabot PRs (Antoine du Hamel) #56427
• [1705cbe002] - tools: bump the eslint group in /tools/eslint with 4 updates (dependabot[bot]) #56426
• [53b29b0469] - tools: fix require-common-first lint rule from subfolder (Antoine du Hamel) #56325
• [105c4ed4fb] - tools: add release line label when opening release proposal (Antoine du Hamel) #56317
• [30f61f4aa5] - url: use resolved path to convert UNC paths to URL (Antoine du Hamel) #56302
• [a0aef4dfb6] - util: inspect: do not crash on an Error stack that contains a Symbol (Jordan Harband) #56573
• [a8a060341f] - util: inspect: do not crash on an Error with a regex name (Jordan Harband) #56574
• [ea66bf3553] - util: rename CallSite.column to columnNumber (Chengzhong Wu) #56584
• [9cdc3b373c] - util: do not crash on inspecting function with Symbol name (Jordan Harband) #56572
• [0bfbb68569] - util: expose CallSite.scriptId (Chengzhong Wu) #56551
• [5dd7116e09] - watch: reload env file for --env-file-if-exists (Jonas) #56643
• [c658a8afdf] - (SEMVER-MINOR) worker: add eval ts input (Marco Ippolito) #56394
• [2e5d038f48] - worker: refactor stdio to improve performance (Matteo Collina) #56630
• [f959805d01] - worker: flush stdout and stderr on exit (Matteo Collina) #56428